5 matches found
PT-2026-48716
Quest Bot is an open-source modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings can set the ticket transcript channel to a channel they can read. When tickets are closed, the bot exports the full ticket history and sends it ...
EUVD-2024-25266
Malicious code in bioql PyPI...
CVE-2024-28111
Canarytokens helps track activity and actions on a network. Canarytokens.org supports exporting the history of a Canarytoken's incidents in CSV format. The generation of these CSV files is vulnerable to a CSV Injection vulnerability. This flaw can be used by an attacker who discovers an HTTP-base...
CVE-2024-28111 CSV Injection in exported history CSV files
Canarytokens helps track activity and actions on a network. Canarytokens.org supports exporting the history of a Canarytoken's incidents in CSV format. The generation of these CSV files is vulnerable to a CSV Injection vulnerability. This flaw can be used by an attacker who discovers an HTTP-base...
PT-2024-22268 · Microsoft · Office Excel
Name of the Vulnerable Software and Affected Versions: Canarytokens versions prior to sha-c595a1f8
Description: The generation of CSV files for incident history in Canarytokens is vulnerable to a CSV Injection issue. This can be exploited by an attacker who discovers an HTTP-based Canarytoken,...