CVE-2026-49959 — Hermes WebUI before version 0.51.311 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by placing malicious executable Git configuration — CVE Database · The Intelligence Room