Every CVE whose affected-product data names Hashicorp Hermes, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2025-1293 — CVSS 8.2 (high): Hermes versions up to 0.4.0 improperly validated the JWT provided when using the AWS ALB authentication mode, potentially allowing for…