81 matches found
CVE-2026-48485
Quest Bot is an open-source Discord Bot. Prior to version 1.1.6, the latest release suppresses mentions when creating, unbanning, unwarning, kicking, muting, and unmuting, but stored warning reasons are still printed by /warns without mention suppression. A moderator can create a warning with...
CVE-2026-48485
CVE-2026-48485 affects Quest Bot (a Discord bot). Before version 1.1.6, the bot suppressed mentions when actions like creating a warning occurred, but stored warning reasons can still be printed by /warns, potentially triggering a mass ping if the bot has permission. The root cause is that stor...
EUVD-2026-36415
Quest Bot is an open-source Discord Bot. Prior to version 1.1.6, the latest release suppresses mentions when creating, unbanning, unwarning, kicking, muting, and unmuting, but stored warning reasons are still printed by /warns without mention suppression. A moderator can create a warning with...
CVE-2026-48485 Quest Bot: Stored warn reasons can still trigger bot-powered mass mentions through `/warns`.
Quest Bot is an open-source Discord Bot. Prior to version 1.1.6, the latest release suppresses mentions when creating, unbanning, unwarning, kicking, muting, and unmuting, but stored warning reasons are still printed by /warns without mention suppression. A moderator can create a warning with...
PT-2026-48861
Quest Bot is an open-source Discord Bot. Prior to version 1.1.6, the latest release suppresses mentions when creating, unbanning, unwarning, kicking, muting, and unmuting, but stored warning reasons are still printed by /warns without mention suppression. A moderator can create a warning with...
EUVD-2026-36278
Quest Bot is an open-source modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.5, the latest release suppresses mentions in several moderation commands, but /unban and /unwarn still echo user-controlled reason text in public bot messages without allowedMentions. A...
CVE-2026-47175
Quest Bot (open-source Discord bot) prior to v1.0.4 allowed moderation commands to echo user-supplied reason text in public replies without disabling mention parsing, enabling a user with bot permissions to trigger @everyone/@here pings even when they lack mention permissions. The issue is fixed ...
PT-2026-48718
Name of the Vulnerable Software and Affected Versions: Quest Bot versions prior to 1.0.5. Description: Quest Bot is an open-source Discord Bot designed for moderation, utilities, and support. The bot fails to suppress mentions in the '/unban' and '/unwarn' endpoints, allowing user-controlled reason...
Fedora 42 : composer (2026-13b4dbe546)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-13b4dbe546 advisory. Version 2.9.3 - 2025-12-30. Security: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746). Fixed COMPOSER_NO_SECURITY_BLOCKING env var not being...
From Reviewers' Lens: Understanding Bug Bounty Report Invalid Reasons with LLMs
Bug bounty platforms (e.g., HackerOne, BugCrowd) leverage crowd-sourced vulnerability discovery to improve continuous coverage, reduce the cost of discovery, and serve as an integral complement to internal red teams. With the rise of AI-generated bug reports, little work exists to help bug hunters...
Rejected reason: Maintainers have included reasons at https://gitlab.gnome.org/GNOME/libsoup/-/issues/465
...
PT-2025-31613 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined; affected versions not specified. Description: The vulnerability is a memory corruption issue. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...
PT-2025-31615 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server; affected versions not specified. Description: The reported issue is a Cross-Site Request Forgery (CSRF). The reason for rejection is stated as 'Not used'. Recommendations: At the moment, there is no information about a newer...
PT-2025-31509 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server; affected versions not specified. Description: The vulnerability is a SQL injection issue. The reason for rejection is stated as 'Not used'. Recommendations: At the moment, there is no information about a newer version that...
PT-2025-31176 · Citrix · Citrix Netscaler
Name of the Vulnerable Software and Affected Versions: Citrix NetScaler; affected versions not specified. Description: The vulnerability is a denial of service issue. The reason for rejection is stated as 'Not used'. Recommendations: At the moment, there is no information about a newer version that...
PT-2025-30405 · Undefined · Undefined
CVE-2025-54357 Rejected reason https://t.co/oXPZbq71gA...
PT-2025-29089 · Undefined · Undefined
CVE-2025-53750 Rejected reason https://t.co/4K6O6ugtI2...
PT-2025-28978 · Undefined · Undefined
CVE-2025-0646 Rejected reason https://t.co/dA7S4AYLRn...
PT-2025-29090 · Undefined · Undefined
CVE-2025-53752 Rejected reason https://t.co/gWCiSuoxtb...