Lucene search
K

17 matches found

NVD
NVD
added 2026/06/12 1:16 p.m.13 views

CVE-2026-47196

Quest Bot is an opensource Discord Bot. Prior to version 1.1.6, the automod add command trims user input but does not reject an empty result. Adding a rule containing only whitespace stores an empty word. The message listener later checks content.includes"", which is always true, causing the bot ...

8.4CVSS0.00235EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/12 11:51 a.m.8 views

CVE-2026-47196 Quest Bot: Empty automod rule causes every guild message to be deleted

Quest Bot is an opensource Discord Bot. Prior to version 1.1.6, the automod add command trims user input but does not reject an empty result. Adding a rule containing only whitespace stores an empty word. The message listener later checks content.includes"", which is always true, causing the bot ...

8.4CVSS5.2AI score0.00235EPSS
Exploits0References2
CVE
CVE
added 2026/06/12 11:51 a.m.14 views

CVE-2026-47196

CVE-2026-47196 affects Quest Bot (open-source Discord bot). Before v1.1.6, the automod add command could create an empty rule when input is whitespace because it trims but does not reject an empty result; the message listener then checks content.includes("") which is always true, causing deletion...

8.4CVSS5.3AI score0.00235EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 11:51 a.m.7 views

EUVD-2026-36412

Quest Bot is an opensource Discord Bot. Prior to version 1.1.6, the automod add command trims user input but does not reject an empty result. Adding a rule containing only whitespace stores an empty word. The message listener later checks content.includes"", which is always true, causing the bot ...

8.4CVSS5.2AI score0.00235EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/12 11:51 a.m.28 views

CVE-2026-47196 Quest Bot: Empty automod rule causes every guild message to be deleted

Quest Bot is an opensource Discord Bot. Prior to version 1.1.6, the automod add command trims user input but does not reject an empty result. Adding a rule containing only whitespace stores an empty word. The message listener later checks content.includes"", which is always true, causing the bot ...

8.4CVSS0.00235EPSS
Exploits0References2
NVD
NVD
added 2026/06/11 7:16 p.m.12 views

CVE-2026-47163

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.1, any guild member who can invoke slash commands can use /automod add, /automod remove, and /automod list because the command has no Discord default permission requirement and no runti...

7.2CVSS0.00215EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/11 6:31 p.m.8 views

EUVD-2026-36279

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.5, the AutoMod remove flow looks up and deletes rules by global database ID without verifying that the rule belongs to the guild where the command is executed. A user can learn a victim...

8.3CVSS5.4AI score0.00307EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 6:31 p.m.9 views

CVE-2026-47189 Quest Bot: AutoMod removal can delete rules from another guild by global rule ID

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.5, the AutoMod remove flow looks up and deletes rules by global database ID without verifying that the rule belongs to the guild where the command is executed. A user can learn a victim...

8.3CVSS5.4AI score0.00307EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/11 6:31 p.m.25 views

CVE-2026-47189 Quest Bot: AutoMod removal can delete rules from another guild by global rule ID

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.5, the AutoMod remove flow looks up and deletes rules by global database ID without verifying that the rule belongs to the guild where the command is executed. A user can learn a victim...

8.3CVSS0.00307EPSS
Exploits0References2
CVE
CVE
added 2026/06/11 6:31 p.m.10 views

CVE-2026-47189

CVE-2026-47189 — Quest Bot AutoMod removal : The issue affects Quest Bot (Discord bot) prior to version 1.0.5, where the AutoMod remove flow looks up and deletes rules by a global database ID without verifying that the rule belongs to the guild where the command runs. An attacker can learn a vict...

8.3CVSS5.5AI score0.00307EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 6:27 p.m.9 views

CVE-2026-47163 Quest Bot: Unprivileged users can create and remove AutoMod rules.

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.1, any guild member who can invoke slash commands can use /automod add, /automod remove, and /automod list because the command has no Discord default permission requirement and no runti...

7.2CVSS5.4AI score0.00215EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/11 6:27 p.m.24 views

CVE-2026-47163 Quest Bot: Unprivileged users can create and remove AutoMod rules.

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.1, any guild member who can invoke slash commands can use /automod add, /automod remove, and /automod list because the command has no Discord default permission requirement and no runti...

7.2CVSS0.00215EPSS
Exploits0References2
CVE
CVE
added 2026/06/11 6:27 p.m.16 views

CVE-2026-47163

Quest Bot prior to v1.0.1 allowed any guild member who can invoke slash commands to use /automod add, /automod remove, and /automod list due to missing Discord default permission and runtime moderator checks. An attacker could add a rule matching common text and cause the bot to delete other user...

7.2CVSS5.4AI score0.00215EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/11 6:27 p.m.8 views

EUVD-2026-36298

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.1, any guild member who can invoke slash commands can use /automod add, /automod remove, and /automod list because the command has no Discord default permission requirement and no runti...

7.2CVSS5.4AI score0.00215EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.18 views

Quest Bot 安全漏洞

Quest Bot is a multi-functional Discord community management robot developed by Duck Organization. Versions of Quest Bot prior to 1.0.1 contained security vulnerabilities. These vulnerabilities stemmed from the /automod add, /automod remove, and /automod list commands not having the required...

7.2CVSS5.5AI score0.00215EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.11 views

PT-2026-48706

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.1, any guild member who can invoke slash commands can use /automod add, /automod remove, and /automod list because the command has no Discord default permission requirement and no runti...

7.2CVSS5.4AI score0.00215EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.14 views

PT-2026-48719

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.5, the AutoMod remove flow looks up and deletes rules by global database ID without verifying that the rule belongs to the guild where the command is executed. A user can learn a victim...

8.3CVSS5.4AI score0.00307EPSS
Exploits0References3
Rows per page
Query Builder