prompt-security · davida-ps · Jun 10, 2026 · Jun 10, 2026
diff --git a/advisories/feed.json b/advisories/feed.json
@@ -1,8 +1,43 @@
 {
   "version": "0.0.3",
-  "updated": "2026-06-03T07:38:12Z",
+  "updated": "2026-06-10T08:30:16Z",
   "description": "Community-driven security advisory feed for ClawSec. Automatically updated with OpenClaw-related CVEs from NVD and community-reported security incidents.",
   "advisories": [
+    {
+      "id": "CVE-2026-11461",
+      "severity": "medium",
+      "type": "improper_authorization",
+      "nvd_category_id": "CWE-285",
+      "title": "A vulnerability has been found in NousResearch hermes-agent up to 0.12.0. This affects the function ...",
+      "description": "A vulnerability has been found in NousResearch hermes-agent up to 0.12.0. This affects the function resolve_session_by_title of the file hermes_state.py of the component resume Endpoint. Such manipulation of the argument Title leads to authorization bypass. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
+      "affected": [
+        "hermes@*"
+      ],
+      "platforms": [
+        "hermes"
+      ],
+      "action": "Review and update affected components. See NVD for remediation details.",
+      "published": "2026-06-07T22:16:22.547",
+      "references": [
+        "https://gist.github.com/YLChen-007/7951b3dc39193fb675914cc5d8b672fa",
+        "https://gist.github.com/YLChen-007/c2d162e9c8d39584223683cdcba98607",
+        "https://vuldb.com/cve/CVE-2026-11461"
+      ],
+      "cvss_score": 6.3,
+      "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11461",
+      "exploitability_score": "medium",
+      "exploitability_rationale": "Medium CVSS score (6.3); network accessible",
+      "attack_vector_analysis": {
+        "is_network_accessible": true,
+        "requires_authentication": true,
+        "requires_user_interaction": false,
+        "complexity": "low"
+      },
+      "exploit_detection": {
+        "exploit_available": false,
+        "exploit_sources": []
+      }
+    },
     {
       "id": "CVE-2026-10548",
       "severity": "medium",
@@ -12216,8 +12251,8 @@
       "id": "GHSA-jf56-mccx-5f3f",
       "ghsa_id": "GHSA-jf56-mccx-5f3f",
       "cve_id": null,
-      "status": "active",
-      "stale": false,
+      "status": "stale",
+      "stale": true,
       "stale_after_days": 60,
       "severity": "high",
       "type": "github_security_advisory",
@@ -12260,8 +12295,8 @@
       "id": "GHSA-gfmx-pph7-g46x",
       "ghsa_id": "GHSA-gfmx-pph7-g46x",
       "cve_id": null,
-      "status": "active",
-      "stale": false,
+      "status": "stale",
+      "stale": true,
       "stale_after_days": 60,
       "severity": "high",
       "type": "github_security_advisory",

diff --git a/advisories/feed.json.sig b/advisories/feed.json.sig
@@ -1 +1 @@
-v+PiWmjIkY6zdIyI9xJX0l0aTy0Azp1+LoZR6qaiDZJnXFuSBX4Sw/x5tMdTb0xSbqdDTJOZwwWI8coPVepzBw==
+agiAAFvzM1vNHxH2+bGtyeKqFScLWJHnNreBcPpTODUqD0xqFi0cnyP/ZaZX+Rsw1Y9uZ7pGdFdA93pD4lh2BQ==
diff --git a/advisories/ghsa-without-cve.json b/advisories/ghsa-without-cve.json
@@ -1,6 +1,6 @@
 {
   "version": "0.1.0",
-  "updated": "2026-06-03T07:38:13Z",
+  "updated": "2026-06-10T08:30:16Z",
   "description": "Provisional ClawSec advisory feed for public GitHub Security Advisories that do not yet have CVE identifiers.",
   "stale_after_days": 60,
   "semantics": {
@@ -2810,8 +2810,8 @@
       "id": "GHSA-jf56-mccx-5f3f",
       "ghsa_id": "GHSA-jf56-mccx-5f3f",
       "cve_id": null,
-      "status": "active",
-      "stale": false,
+      "status": "stale",
+      "stale": true,
       "stale_after_days": 60,
       "severity": "high",
       "type": "github_security_advisory",
@@ -2853,8 +2853,8 @@
       "id": "GHSA-gfmx-pph7-g46x",
       "ghsa_id": "GHSA-gfmx-pph7-g46x",
       "cve_id": null,
-      "status": "active",
-      "stale": false,
+      "status": "stale",
+      "stale": true,
       "stale_after_days": 60,
       "severity": "high",
       "type": "github_security_advisory",

diff --git a/advisories/ghsa-without-cve.json.sig b/advisories/ghsa-without-cve.json.sig
@@ -1 +1 @@
-SCkRaPMF6IYDwZuR7/JJXxpB7A7ebuMvLqK827uWX0yfEJr7l2gyLpxvHsEpWJDzE4gchxd5yqJx5qF/yqNwAg==
+q1EyZ75QcdG2X6FVDkUoAyBtQE3ONA+7k9cmNFmXFgOOuGRPOpSDFUtbSvy86HPqnii26DMoeFJ1hatWJ0lBCQ==
diff --git a/skills/clawsec-feed/advisories/feed.json b/skills/clawsec-feed/advisories/feed.json
@@ -1,8 +1,43 @@
 {
   "version": "0.0.3",
-  "updated": "2026-06-03T07:38:12Z",
+  "updated": "2026-06-10T08:30:16Z",
   "description": "Community-driven security advisory feed for ClawSec. Automatically updated with OpenClaw-related CVEs from NVD and community-reported security incidents.",
   "advisories": [
+    {
+      "id": "CVE-2026-11461",
+      "severity": "medium",
+      "type": "improper_authorization",
+      "nvd_category_id": "CWE-285",
+      "title": "A vulnerability has been found in NousResearch hermes-agent up to 0.12.0. This affects the function ...",
+      "description": "A vulnerability has been found in NousResearch hermes-agent up to 0.12.0. This affects the function resolve_session_by_title of the file hermes_state.py of the component resume Endpoint. Such manipulation of the argument Title leads to authorization bypass. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
+      "affected": [
+        "hermes@*"
+      ],
+      "platforms": [
+        "hermes"
+      ],
+      "action": "Review and update affected components. See NVD for remediation details.",
+      "published": "2026-06-07T22:16:22.547",
+      "references": [
+        "https://gist.github.com/YLChen-007/7951b3dc39193fb675914cc5d8b672fa",
+        "https://gist.github.com/YLChen-007/c2d162e9c8d39584223683cdcba98607",
+        "https://vuldb.com/cve/CVE-2026-11461"
+      ],
+      "cvss_score": 6.3,
+      "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11461",
+      "exploitability_score": "medium",
+      "exploitability_rationale": "Medium CVSS score (6.3); network accessible",
+      "attack_vector_analysis": {
+        "is_network_accessible": true,
+        "requires_authentication": true,
+        "requires_user_interaction": false,
+        "complexity": "low"
+      },
+      "exploit_detection": {
+        "exploit_available": false,
+        "exploit_sources": []
+      }
+    },
     {
       "id": "CVE-2026-10548",
       "severity": "medium",
@@ -12216,8 +12251,8 @@
       "id": "GHSA-jf56-mccx-5f3f",
       "ghsa_id": "GHSA-jf56-mccx-5f3f",
       "cve_id": null,
-      "status": "active",
-      "stale": false,
+      "status": "stale",
+      "stale": true,
       "stale_after_days": 60,
       "severity": "high",
       "type": "github_security_advisory",
@@ -12260,8 +12295,8 @@
       "id": "GHSA-gfmx-pph7-g46x",
       "ghsa_id": "GHSA-gfmx-pph7-g46x",
       "cve_id": null,
-      "status": "active",
-      "stale": false,
+      "status": "stale",
+      "stale": true,
       "stale_after_days": 60,
       "severity": "high",
       "type": "github_security_advisory",

diff --git a/skills/clawsec-feed/advisories/feed.json.sig b/skills/clawsec-feed/advisories/feed.json.sig
@@ -1 +1 @@
-v+PiWmjIkY6zdIyI9xJX0l0aTy0Azp1+LoZR6qaiDZJnXFuSBX4Sw/x5tMdTb0xSbqdDTJOZwwWI8coPVepzBw==
+agiAAFvzM1vNHxH2+bGtyeKqFScLWJHnNreBcPpTODUqD0xqFi0cnyP/ZaZX+Rsw1Y9uZ7pGdFdA93pD4lh2BQ==
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		v+PiWmjIkY6zdIyI9xJX0l0aTy0Azp1+LoZR6qaiDZJnXFuSBX4Sw/x5tMdTb0xSbqdDTJOZwwWI8coPVepzBw==
		agiAAFvzM1vNHxH2+bGtyeKqFScLWJHnNreBcPpTODUqD0xqFi0cnyP/ZaZX+Rsw1Y9uZ7pGdFdA93pD4lh2BQ==
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		SCkRaPMF6IYDwZuR7/JJXxpB7A7ebuMvLqK827uWX0yfEJr7l2gyLpxvHsEpWJDzE4gchxd5yqJx5qF/yqNwAg==
		q1EyZ75QcdG2X6FVDkUoAyBtQE3ONA+7k9cmNFmXFgOOuGRPOpSDFUtbSvy86HPqnii26DMoeFJ1hatWJ0lBCQ==