CVE Catalog

CVE-2026-47176

MediumCVSS 5.7
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.04%

12th percentile — higher than 12% of all known CVEs

Summary

Quest Bot is an open-source modern Discord Bot that, prior to version 1.0.4, allowed users to configure logging settings, resulting in the logging of deleted and edited message contents from every channel, including private ones that the configuring user could not access.

Risk Assessment

Organizations may be at risk of leaking sensitive information as the bot logs messages from channels that the user should not have access to.

Recommendation

It is recommended to update the bot to version 1.0.4 to mitigate this vulnerability and restrict access to logging settings to trusted users.

Original NVD description (English source)

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings can enable logging and choose a logging channel they can read. The bot then logs deleted and edited message contents from every channel it can see, including private channels the configuring user cannot access. This issue has been patched in version 1.0.4.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS