HarborGuard Database

CVE-2026-47196 | Severity: HIGH | CNA: GitHub_M

CVE-2026-47196: Quest Bot: Empty automod rule causes every guild message to be deleted

Quest Bot is an open-source Discord bot. Prior to version 1.1.6, the automod add command trims user input but does not reject an empty result. Adding a rule containing only whitespace stores an empty word. The message listener later checks content.includes(""), which is always true, causing the bot to delete every non-bot guild message. This issue has been patched in version 1.1.6.
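The following is an added illustration, not Quest Bot's own code: a minimal model of the rule store and message check the advisory describes, with the vulnerable add path next to a hardened one and an audit helper for the "blank rule" compensating control. The function names (addRuleVulnerable, addRuleFixed, shouldDelete, findBlankRules) are hypothetical.

```javascript
// Added example (hypothetical names, not Quest Bot's code). Models the
// automod rule store and the message listener check from the advisory.

// Vulnerable behaviour: input is trimmed, but an empty result is still stored.
function addRuleVulnerable(rules, input) {
  const word = input.trim();
  rules.push(word); // whitespace-only input stores "" here
  return rules;
}

// Hardened behaviour: reject input that is empty after trimming.
function addRuleFixed(rules, input) {
  const word = input.trim();
  if (word.length === 0) {
    throw new Error("automod rule must contain a non-whitespace word");
  }
  rules.push(word);
  return rules;
}

// Message listener logic: delete if any stored word appears in the content.
// With "" stored, content.includes("") is true for every message.
function shouldDelete(rules, content) {
  return rules.some((word) => content.includes(word));
}

// Audit helper: indexes of rules already stored that are blank after trimming,
// so an operator can review and remove them before a patched image is deployed.
function findBlankRules(rules) {
  const blank = [];
  rules.forEach((word, index) => {
    if (word.trim().length === 0) blank.push(index);
  });
  return blank;
}

// Stand-alone demonstration with constructed input.
const vulnerableRules = addRuleVulnerable([], "   ");
console.log("vulnerable store:", JSON.stringify(vulnerableRules));
console.log("deletes ordinary message:", shouldDelete(vulnerableRules, "hello everyone"));
try {
  addRuleFixed([], "   ");
} catch (err) {
  console.log("fixed store rejected blank rule:", err.message);
}
console.log("blank rule indexes:", findBlankRules(["spam", "", "  ", "scam"]));
```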

Metrics

CVSS v4.0: 8.4
Severity: HIGH
Fixed in: 1.1.6
Affected Products: 1


HarborGuard Analysis

Synopsis

A logic flaw in Quest Bot, an open-source Discord bot, allows any low-privilege guild member to add a blank automod rule that causes the bot to delete every non-bot message in the guild. The vulnerability is reachable over the network and requires only a low-privilege account (standard guild membership). Successful exploitation gives the attacker persistent, broad message deletion across the entire guild, effectively silencing all communication. A patched-image rebuild at version 1.1.6 is available on HarborGuard for environments running an affected version.

HarborGuard Coverage

Detection (Available)

Detection is available across every HarborGuard environment: the CVE is ingested from upstream advisory feeds within minutes of publication and matched against customer images, including custom-built images that package questbot. Any image pinned to a tag resolving to a version below 1.1.6 of duck-organization/questbot is flagged automatically.

Triage (Available)

HarborGuard scores this CVE at CVSS 8.4 (High) and weights it against each environment's compliance policy to determine urgency and routing. Findings are surfaced to the appropriate team inbox within each customer organization based on policy configuration.

Patch (Pending upstream)

A patched-image rebuild at questbot 1.1.6 becomes available on HarborGuard for any environment running an affected version. For customers who opt into auto-remediation, HarborGuard runs a rebuild, executes the regression-test suite, and opens a PR against affected workloads automatically.

Exploit Conditions

  • Network reachability: Required

    The attacker must reach the bot's command interface over the network, specifically through the Discord API, to submit the malformed automod rule.

  • Authentication: Required

    Any low-privilege Discord account with standard guild membership is sufficient; no elevated or administrative role is needed.

  • Victim interaction: Not required

    No user action is required after the rule is stored; the bot begins deleting all non-bot messages automatically.

  • Attack complexity

    Exploitation is straightforward and condition-free: submitting a whitespace-only string to the automod add command reliably triggers the flaw on every subsequent message.

Blast Radius

  • The attacker causes the bot to delete every non-bot message posted in the guild, wiping ongoing conversations in real time.
  • Guild communication is effectively halted for all members for as long as the blank rule remains active, disrupting community operations.
  • Moderators and administrators lose visibility into member activity because messages are removed before they can be read or logged.
  • The impact extends to all channels monitored by the bot, meaning a single malformed rule affects the entire server scope simultaneously.

How HarborGuard Handles This

Available on HarborGuard: images packaging duck-organization/questbot at versions below 1.1.6 are flagged as soon as the CVE is ingested, typically within minutes of publication. For customers who opt into auto-remediation, HarborGuard rebuilds the image at the 1.1.6 fix version, runs the configured regression tests, and opens a pull request against affected workloads; median time from CVE publication to merged patch PR for high-severity issues is around 90 minutes in environments with auto-remediation enabled. Where auto-remediation is not enabled, the finding is routed to the appropriate team inbox with remediation context attached. Until an image rebuild is deployed, compensating controls include restricting the automod add command to a trusted administrator role via Discord permission overrides and auditing existing automod rules for blank entries.

Affected packages
  • duck-organization / questbot < 1.1.6

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:H/SA:H