From d23f8418ef6c90cc0ddaae4785e9d5e6e7dcb0f8 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
 <41898282+github-actions[bot]@users.noreply.github.com>
Date: Wed, 10 Jun 2026 08:30:23 +0000
Subject: [PATCH] chore: update NVD/GHSA advisories - 1 NVD new, 0 NVD updated

Automated update from NVD CVE and GHSA advisory feeds.
Keywords: openclaw, nanoclaw, hermes, picoclaw
Poll window: 2026-06-03T07:38:12Z to 2026-06-10T08:29:07.000Z
---
 advisories/feed.json                         | 45 +++++++++++++++++---
 advisories/feed.json.sig                     |  2 +-
 advisories/ghsa-without-cve.json             | 10 ++---
 advisories/ghsa-without-cve.json.sig         |  2 +-
 skills/clawsec-feed/advisories/feed.json     | 45 +++++++++++++++++---
 skills/clawsec-feed/advisories/feed.json.sig |  2 +-
 6 files changed, 88 insertions(+), 18 deletions(-)

diff --git a/advisories/feed.json b/advisories/feed.json
index c91ce0a0..2aa9f685 100644
--- a/advisories/feed.json
+++ b/advisories/feed.json
@@ -1,8 +1,43 @@
 {
   "version": "0.0.3",
-  "updated": "2026-06-03T07:38:12Z",
+  "updated": "2026-06-10T08:30:16Z",
   "description": "Community-driven security advisory feed for ClawSec. Automatically updated with OpenClaw-related CVEs from NVD and community-reported security incidents.",
   "advisories": [
+    {
+      "id": "CVE-2026-11461",
+      "severity": "medium",
+      "type": "improper_authorization",
+      "nvd_category_id": "CWE-285",
+      "title": "A vulnerability has been found in NousResearch hermes-agent up to 0.12.0. This affects the function ...",
+      "description": "A vulnerability has been found in NousResearch hermes-agent up to 0.12.0. This affects the function resolve_session_by_title of the file hermes_state.py of the component resume Endpoint. Such manipulation of the argument Title leads to authorization bypass. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
+      "affected": [
+        "hermes@*"
+      ],
+      "platforms": [
+        "hermes"
+      ],
+      "action": "Review and update affected components. See NVD for remediation details.",
+      "published": "2026-06-07T22:16:22.547",
+      "references": [
+        "https://gist.github.com/YLChen-007/7951b3dc39193fb675914cc5d8b672fa",
+        "https://gist.github.com/YLChen-007/c2d162e9c8d39584223683cdcba98607",
+        "https://vuldb.com/cve/CVE-2026-11461"
+      ],
+      "cvss_score": 6.3,
+      "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11461",
+      "exploitability_score": "medium",
+      "exploitability_rationale": "Medium CVSS score (6.3); network accessible",
+      "attack_vector_analysis": {
+        "is_network_accessible": true,
+        "requires_authentication": true,
+        "requires_user_interaction": false,
+        "complexity": "low"
+      },
+      "exploit_detection": {
+        "exploit_available": false,
+        "exploit_sources": []
+      }
+    },
     {
       "id": "CVE-2026-10548",
       "severity": "medium",
@@ -12216,8 +12251,8 @@
       "id": "GHSA-jf56-mccx-5f3f",
       "ghsa_id": "GHSA-jf56-mccx-5f3f",
       "cve_id": null,
-      "status": "active",
-      "stale": false,
+      "status": "stale",
+      "stale": true,
       "stale_after_days": 60,
       "severity": "high",
       "type": "github_security_advisory",
@@ -12260,8 +12295,8 @@
       "id": "GHSA-gfmx-pph7-g46x",
       "ghsa_id": "GHSA-gfmx-pph7-g46x",
       "cve_id": null,
-      "status": "active",
-      "stale": false,
+      "status": "stale",
+      "stale": true,
       "stale_after_days": 60,
       "severity": "high",
       "type": "github_security_advisory",
diff --git a/advisories/feed.json.sig b/advisories/feed.json.sig
index 2d89e275..22125cbc 100644
--- a/advisories/feed.json.sig
+++ b/advisories/feed.json.sig
@@ -1 +1 @@
-v+PiWmjIkY6zdIyI9xJX0l0aTy0Azp1+LoZR6qaiDZJnXFuSBX4Sw/x5tMdTb0xSbqdDTJOZwwWI8coPVepzBw==
\ No newline at end of file
+agiAAFvzM1vNHxH2+bGtyeKqFScLWJHnNreBcPpTODUqD0xqFi0cnyP/ZaZX+Rsw1Y9uZ7pGdFdA93pD4lh2BQ==
\ No newline at end of file
diff --git a/advisories/ghsa-without-cve.json b/advisories/ghsa-without-cve.json
index fafbea76..2c73dc61 100644
--- a/advisories/ghsa-without-cve.json
+++ b/advisories/ghsa-without-cve.json
@@ -1,6 +1,6 @@
 {
   "version": "0.1.0",
-  "updated": "2026-06-03T07:38:13Z",
+  "updated": "2026-06-10T08:30:16Z",
   "description": "Provisional ClawSec advisory feed for public GitHub Security Advisories that do not yet have CVE identifiers.",
   "stale_after_days": 60,
   "semantics": {
@@ -2810,8 +2810,8 @@
       "id": "GHSA-jf56-mccx-5f3f",
       "ghsa_id": "GHSA-jf56-mccx-5f3f",
       "cve_id": null,
-      "status": "active",
-      "stale": false,
+      "status": "stale",
+      "stale": true,
       "stale_after_days": 60,
       "severity": "high",
       "type": "github_security_advisory",
@@ -2853,8 +2853,8 @@
       "id": "GHSA-gfmx-pph7-g46x",
       "ghsa_id": "GHSA-gfmx-pph7-g46x",
       "cve_id": null,
-      "status": "active",
-      "stale": false,
+      "status": "stale",
+      "stale": true,
       "stale_after_days": 60,
       "severity": "high",
       "type": "github_security_advisory",
diff --git a/advisories/ghsa-without-cve.json.sig b/advisories/ghsa-without-cve.json.sig
index 7ca086bc..30f8b373 100644
--- a/advisories/ghsa-without-cve.json.sig
+++ b/advisories/ghsa-without-cve.json.sig
@@ -1 +1 @@
-SCkRaPMF6IYDwZuR7/JJXxpB7A7ebuMvLqK827uWX0yfEJr7l2gyLpxvHsEpWJDzE4gchxd5yqJx5qF/yqNwAg==
\ No newline at end of file
+q1EyZ75QcdG2X6FVDkUoAyBtQE3ONA+7k9cmNFmXFgOOuGRPOpSDFUtbSvy86HPqnii26DMoeFJ1hatWJ0lBCQ==
\ No newline at end of file
diff --git a/skills/clawsec-feed/advisories/feed.json b/skills/clawsec-feed/advisories/feed.json
index c91ce0a0..2aa9f685 100644
--- a/skills/clawsec-feed/advisories/feed.json
+++ b/skills/clawsec-feed/advisories/feed.json
@@ -1,8 +1,43 @@
 {
   "version": "0.0.3",
-  "updated": "2026-06-03T07:38:12Z",
+  "updated": "2026-06-10T08:30:16Z",
   "description": "Community-driven security advisory feed for ClawSec. Automatically updated with OpenClaw-related CVEs from NVD and community-reported security incidents.",
   "advisories": [
+    {
+      "id": "CVE-2026-11461",
+      "severity": "medium",
+      "type": "improper_authorization",
+      "nvd_category_id": "CWE-285",
+      "title": "A vulnerability has been found in NousResearch hermes-agent up to 0.12.0. This affects the function ...",
+      "description": "A vulnerability has been found in NousResearch hermes-agent up to 0.12.0. This affects the function resolve_session_by_title of the file hermes_state.py of the component resume Endpoint. Such manipulation of the argument Title leads to authorization bypass. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
+      "affected": [
+        "hermes@*"
+      ],
+      "platforms": [
+        "hermes"
+      ],
+      "action": "Review and update affected components. See NVD for remediation details.",
+      "published": "2026-06-07T22:16:22.547",
+      "references": [
+        "https://gist.github.com/YLChen-007/7951b3dc39193fb675914cc5d8b672fa",
+        "https://gist.github.com/YLChen-007/c2d162e9c8d39584223683cdcba98607",
+        "https://vuldb.com/cve/CVE-2026-11461"
+      ],
+      "cvss_score": 6.3,
+      "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11461",
+      "exploitability_score": "medium",
+      "exploitability_rationale": "Medium CVSS score (6.3); network accessible",
+      "attack_vector_analysis": {
+        "is_network_accessible": true,
+        "requires_authentication": true,
+        "requires_user_interaction": false,
+        "complexity": "low"
+      },
+      "exploit_detection": {
+        "exploit_available": false,
+        "exploit_sources": []
+      }
+    },
     {
       "id": "CVE-2026-10548",
       "severity": "medium",
@@ -12216,8 +12251,8 @@
       "id": "GHSA-jf56-mccx-5f3f",
       "ghsa_id": "GHSA-jf56-mccx-5f3f",
       "cve_id": null,
-      "status": "active",
-      "stale": false,
+      "status": "stale",
+      "stale": true,
       "stale_after_days": 60,
       "severity": "high",
       "type": "github_security_advisory",
@@ -12260,8 +12295,8 @@
       "id": "GHSA-gfmx-pph7-g46x",
       "ghsa_id": "GHSA-gfmx-pph7-g46x",
       "cve_id": null,
-      "status": "active",
-      "stale": false,
+      "status": "stale",
+      "stale": true,
       "stale_after_days": 60,
       "severity": "high",
       "type": "github_security_advisory",
diff --git a/skills/clawsec-feed/advisories/feed.json.sig b/skills/clawsec-feed/advisories/feed.json.sig
index 2d89e275..22125cbc 100644
--- a/skills/clawsec-feed/advisories/feed.json.sig
+++ b/skills/clawsec-feed/advisories/feed.json.sig
@@ -1 +1 @@
-v+PiWmjIkY6zdIyI9xJX0l0aTy0Azp1+LoZR6qaiDZJnXFuSBX4Sw/x5tMdTb0xSbqdDTJOZwwWI8coPVepzBw==
\ No newline at end of file
+agiAAFvzM1vNHxH2+bGtyeKqFScLWJHnNreBcPpTODUqD0xqFi0cnyP/ZaZX+Rsw1Y9uZ7pGdFdA93pD4lh2BQ==
\ No newline at end of file