216.73.216.67

CVE-2026-47175

· Published 11/06/2026 21:16 · Modified 11/06/2026 20:58 · Author: The MITRE Corporation

Labels: CVE-2026-47175 2026-06-11CVE-2026-47175CWE-116[email protected]

Essential information

Published
11/06/2026 21:16
Modified
11/06/2026 20:58
Author
The MITRE Corporation
Creator
The MITRE Corporation
CVSS
2.3 LOW (v3) 2.3 LOW (v4.0)
CISA KEV
No
CWE
CWE-116
CVSS vector

CVSS metrics

Description

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, several moderation commands echo user-controlled reason text in public bot replies without disabling mention parsing. A moderator who does not have permission to mention everyone can still make the bot send @everyone or @here if the bot has that permission. This issue has been patched in version 1.0.4.

NVD status

Status
Deferred — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
quest / quest bot cpe:2.3:a:quest:quest_bot:<1.0.4:*:*:*:*:*:*:*
quest / quest bot cpe:2.3:a:quest:quest_bot:1.0.4:*:*:*:*:*:*:*

References