CVE-2026-47163: Quest Bot: Unprivileged users can create and remove AutoMod rules.
Quest Bot is an open-source Discord bot built for moderation, utilities and support. Prior to version 1.0.1, any guild member who can invoke slash commands can use /automod add, /automod remove, and /automod list, because the command has no Discord default permission requirement (no default_member_permissions on the command definition) and no runtime moderator permission check. An attacker can add a rule matching common text and make the bot delete other users' messages. This issue has been patched in version 1.0.1.
Metrics
- CVSS v4.0: 7.2
- Severity: HIGH
- Fixed in: —
- Affected Products: 1
HarborGuard Analysis
Synopsis
This is an authorization bypass in Quest Bot, an open-source Discord moderation bot. The /automod add, /automod remove and /automod list slash commands carry no permission requirement at the command-definition level and perform no permission check at runtime, so any guild member who can invoke slash commands can create, delete or enumerate AutoMod rules without moderator privileges. A successful attacker can silently suppress other users' messages by adding overly broad matching rules, or dismantle existing moderation rules entirely. Note: the description states the issue has been patched in version 1.0.1, though no fix version has been formally published in the advisory at this time; HarborGuard is tracking the advisory for confirmed patch availability.
HarborGuard Coverage
Detection of CVE-2026-47163 is available across every HarborGuard environment: the CVE is ingested from upstream advisory feeds within minutes of publication and matched against customer images, including custom-built images that package Quest Bot or fork its source. Status: Available.
HarborGuard scores this CVE at 7.2 HIGH using the CVSS v4.0 vector and weights findings against each environment's compliance policy, routing alerts to the appropriate team inbox within the customer organization based on configured severity thresholds. Status: Available.
Because no fix version has been formally confirmed in the advisory record, HarborGuard re-checks the upstream advisory on every ingest cycle and will make a patched-image rebuild available the moment a confirmed fix is published. In the interim, customers can use HarborGuard's policy controls to flag any image shipping an affected Quest Bot version for manual review. Status: Pending upstream.
Exploit Conditions
- Network reachability: Required
The attacker interacts with the bot through Discord's slash-command interface, so the bot must be online and connected to Discord. The attacker never needs direct network access to the host the bot runs on; every request arrives via Discord's API.
- Authentication: Required
The attacker must hold a low-privilege Discord guild member account capable of invoking slash commands; no elevated or moderator role is needed beyond basic membership.
- Victim interaction: Not required
The attacker invokes the slash commands directly and does not need any action from another user or administrator to exploit the vulnerability.
- Attack complexity: Low (AC:L)
Exploitation is reliable and condition-free: no race conditions or special environmental state are required to successfully invoke the unguarded commands.
Blast Radius
- An attacker adds AutoMod rules that match common words or phrases, causing the bot to automatically delete legitimate messages from other guild members.
- An attacker removes existing AutoMod rules, disabling active moderation filters and allowing previously blocked content to pass through.
- Persistent manipulation of AutoMod rules lets an attacker selectively silence specific users or topics without any visible direct action, making abuse difficult to attribute quickly.
- Guild administrators lose integrity over their moderation configuration, as any member can overwrite or erase rule sets without authorization.
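The unguarded-command pattern the description and synopsis refer to, together with the message-suppression effect listed above, as an added example that is not Quest Bot's code (the project's real handlers are not reproduced here). It models the /automod subcommands against a small in-memory rule store, puts the pre-1.0.1 shape with no check beside a hardened shape that re-checks the caller's permissions at runtime, and runs a constructed scenario in which a member with no elevated permissions adds a rule matching the word "the". Assumptions: the permission bit values are Discord's real permission flags; the interaction objects, the store and the word-match filter are stand-ins for whatever discord.js types and storage the bot actually uses.

```javascript
// Added example, not Quest Bot's code. Models "/automod add|remove|list" in the
// unguarded shape the advisory describes and in a hardened shape with a runtime
// permission check. Bit values are Discord's real permission flags; the
// "interaction" objects are constructed stand-ins for discord.js
// ChatInputCommandInteraction (assumption: real code would read
// interaction.memberPermissions and use discord.js's PermissionFlagsBits).

const PermissionFlagsBits = {
  Administrator: 1n << 3n,   // 0x8
  ManageGuild: 1n << 5n,     // 0x20, shown as "Manage Server" in the client
  ManageMessages: 1n << 13n, // 0x2000
};

// Administrator implies every permission; otherwise all required bits must be set.
function hasPermission(memberPermissions, required) {
  const bits = BigInt(memberPermissions);
  if ((bits & PermissionFlagsBits.Administrator) !== 0n) return true;
  return (bits & required) === required;
}

// Per-guild rule storage: guildId -> { nextId, rules: Map(ruleId -> pattern) }
function createAutoModStore() {
  const guilds = new Map();
  return {
    forGuild(guildId) {
      if (!guilds.has(guildId)) guilds.set(guildId, { nextId: 1, rules: new Map() });
      return guilds.get(guildId);
    },
  };
}

// The subcommand logic itself, shared by both handler shapes below.
function applySubcommand(store, interaction) {
  const guild = store.forGuild(interaction.guildId);
  switch (interaction.subcommand) {
    case 'add': {
      const id = `rule-${guild.nextId++}`;
      guild.rules.set(id, interaction.options.pattern);
      return { ok: true, id };
    }
    case 'remove':
      return { ok: guild.rules.delete(interaction.options.id) };
    case 'list':
      return { ok: true, rules: [...guild.rules.entries()] };
    default:
      return { ok: false, error: 'unknown subcommand' };
  }
}

// Vulnerable shape (pre-1.0.1 per the advisory): no permission requirement on the
// command definition and no check here, so every member reaches applySubcommand.
function handleAutomodVulnerable(store, interaction) {
  return applySubcommand(store, interaction);
}

// Hardened shape: gate on ManageGuild at runtime. default_member_permissions on the
// command definition is only a default that guild admins can override per command
// in Server Settings > Integrations, so the bot must re-check on every invocation
// instead of trusting how the command was registered.
function handleAutomodHardened(store, interaction) {
  if (!interaction.guildId) return { ok: false, error: 'guild-only command' };
  if (!hasPermission(interaction.memberPermissions, PermissionFlagsBits.ManageGuild)) {
    return { ok: false, error: 'Missing permission: Manage Server' };
  }
  return applySubcommand(store, interaction);
}

// What the bot's filter does with the rules: delete any message containing a rule
// pattern as a word (case-insensitive). An overly broad rule becomes guild-wide
// message suppression here.
function shouldDelete(store, guildId, content) {
  const words = content.toLowerCase().split(/\s+/);
  for (const pattern of store.forGuild(guildId).rules.values()) {
    if (words.includes(pattern.toLowerCase())) return true;
  }
  return false;
}

// Constructed scenario: a member with no elevated permissions adds a rule for "the".
function demo() {
  const attacker = {
    guildId: 'g1',
    memberPermissions: 0n, // plain member, no elevated bits at all
    subcommand: 'add',
    options: { pattern: 'the' },
  };
  const moderator = { ...attacker, memberPermissions: PermissionFlagsBits.ManageGuild };
  const message = 'See the pinned post for the rules';

  const vulnStore = createAutoModStore();
  const vulnResult = handleAutomodVulnerable(vulnStore, attacker);

  const hardStore = createAutoModStore();
  const hardResult = handleAutomodHardened(hardStore, attacker);
  const survivesAfterAttack = !shouldDelete(hardStore, 'g1', message);
  const modResult = handleAutomodHardened(hardStore, moderator);

  return {
    vulnerableAccepted: vulnResult.ok,                                   // true
    vulnerableDeletesLegitMessage: shouldDelete(vulnStore, 'g1', message), // true
    hardenedRejectedAttacker: !hardResult.ok,                            // true
    hardenedMessageSurvives: survivesAfterAttack,                        // true
    moderatorAllowed: modResult.ok,                                      // true
  };
}

console.log(demo());
```

Run it with node. Setting default_member_permissions to Manage Server when registering the command is worth doing too, because it hides the command from ordinary members in the client, but it is only a default that guild administrators can override per command, so the runtime check is the control the bot itself owns.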
How HarborGuard Handles This
Available on HarborGuard: CVE-2026-47163 is matched against images in customer registries and CI pipelines as soon as it appears in upstream advisory feeds. Because no formally confirmed fix version exists in the advisory record at this time, HarborGuard monitors the advisory on every ingest cycle and will make a patched-image rebuild available automatically once upstream publishes a confirmed fix. For customers who opt into auto-remediation, the rebuild, regression test run, and a PR opened against affected workloads will trigger without manual intervention the moment a fix version is confirmed.
In the interim, compensating controls available through HarborGuard include flagging images that package an affected Quest Bot version as policy-violating, blocking them from promotion to production registries, and routing alerts to the team responsible for the affected workload.
Network-policy isolation of the bot's hosting environment limits what a compromised bot host could reach, but it does not mitigate this issue: the commands are invoked through Discord's API, not by reaching the host directly. The effective interim control lives in Discord itself: a guild administrator can restrict who may use the /automod command for that server under Server Settings > Integrations, or remove the bot from the guild until a fixed version is deployed.
- duck-organization / quest-bot: < 1.0.1
CVSS v4.0 vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N