CVE-2026-47197 – Quest Bot: Discord moderation role hierarchy bypass in ban, kick, mute, unmute, warn, and nickname commands

CVE ID :CVE-2026-47197

Published : 2026年6月12日 11:52 | 1 小时,30 分钟 ago

Description :Quest Bot is an opensource Discord Bot. Prior to version 1.1.6, a moderator with the relevant Discord permission bit can use the bot to moderate users above them in the Discord role hierarchy, as long as the bot itself outranks the target. This bypasses Discord’s normal role hierarchy protections and lets lower-ranked moderators ban, kick, timeout, untimeout, warn, or rename higher-ranked users. This issue has been patched in version 1.1.6.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-47224 – NanaZip: Heap buffer-overflow read in NanaZip LVM metadata CRC check

CVE-2026-47222 – NanaZip: Heap out-of-bounds read in NanaZip AVB property descriptor parser via unsigned integer underflow

CVE-2026-53982 – Capgo Console < 12.28.2 Account Deletion DoS via Device Identifier Association

CVE-2026-9641 – Crypt::PBKDF2 versions before 0.261630 for Perl have a weak default algorithm and number of iterations