PatchSiren cyber security CVE debrief
CVE-2026-47189 duck-organization CVE debrief
CVE-2026-47189 is a HIGH severity vulnerability in Quest Bot, an open-source modern Discord Bot. The AutoMod remove flow can be exploited to remove rules from a guild where the attacker has Manage Server permissions, by learning the victim guild's AutoMod rule ID through autocomplete. This issue has been patched in version 1.0.5.
- Vendor: duck-organization
- Product: quest-bot
- CVSS: HIGH 8.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-11
- Original CVE updated: 2026-06-11
- Advisory published: 2026-06-11
- Advisory updated: 2026-06-11
Who should care
Users of Quest Bot, particularly those with Manage Server permissions, should be aware of this vulnerability and take steps to protect themselves.
Technical summary
The AutoMod remove flow in Quest Bot looks up and deletes rules by global database ID without verifying that the rule belongs to the guild where the command is executed. This allows an attacker to remove rules from another guild where they have Manage Server permissions, if they know the rule ID.
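The missing ownership check described above, next to a guild-scoped version, as an added example (this is not Quest Bot's code). The SQLite schema, the table, column and function names, and the guild identifiers are assumptions made up for illustration.

```python
import logging
import sqlite3

log = logging.getLogger("automod")

def make_db():
    # Constructed sample data: two guilds, one AutoMod rule each.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE automod_rules ("
               "id INTEGER PRIMARY KEY, guild_id TEXT NOT NULL, pattern TEXT NOT NULL)")
    db.executemany("INSERT INTO automod_rules VALUES (?, ?, ?)",
                   [(1, "guild-A", "spam-link"), (2, "guild-B", "invite-link")])
    return db

def remove_rule_unscoped(db, invoking_guild_id, rule_id):
    # Flawed pattern: the row is selected by global ID only, so the guild
    # in which the command was run never enters the query.
    cur = db.execute("DELETE FROM automod_rules WHERE id = ?", (rule_id,))
    return cur.rowcount == 1

def remove_rule_scoped(db, invoking_guild_id, rule_id):
    # Hardened pattern: invoking_guild_id must come from the command context,
    # never from user-supplied options, and is part of the WHERE clause.
    cur = db.execute("DELETE FROM automod_rules WHERE id = ? AND guild_id = ?",
                     (rule_id, invoking_guild_id))
    if cur.rowcount == 1:
        return "deleted"
    owner = db.execute("SELECT guild_id FROM automod_rules WHERE id = ?",
                       (rule_id,)).fetchone()
    if owner is None:
        return "not_found"
    # A valid ID owned by a different guild is worth an audit log entry.
    log.warning("cross-guild AutoMod remove blocked: rule=%s owner=%s invoker=%s",
                rule_id, owner[0], invoking_guild_id)
    return "denied"  # reply to the user exactly as for "not_found"

def autocomplete_rules(db, invoking_guild_id):
    # Autocomplete offers only rule IDs that belong to the invoking guild.
    rows = db.execute("SELECT id FROM automod_rules WHERE guild_id = ? ORDER BY id",
                      (invoking_guild_id,))
    return [r[0] for r in rows]

def remaining(db):
    return [r[0] for r in db.execute("SELECT id FROM automod_rules ORDER BY id")]

if __name__ == "__main__":
    db = make_db()
    print(remove_rule_scoped(db, "guild-A", 2), remaining(db))
```

The "denied" and "not_found" results are distinguished only for logging; returning the same message to the user for both avoids confirming that an ID exists in another guild.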
Defensive priority
HIGH
Recommended defensive actions
- Upgrade to Quest Bot version 1.0.5 or later.
- Restrict Manage Server permissions to trusted users.
- Monitor AutoMod rule changes and logs for suspicious activity.
Evidence notes
CVE-2026-47189 has a CVSS score of 8.3 and is considered HIGH severity. The vulnerability was published on 2026-06-11T19:16:46.637Z and last modified on 2026-06-11T20:58:18.123Z.