CVE-2025-53943

Sažetak

VoidBot Open-Source is a customizable Discord bot. VoidBot Open-Source versions 0.0.1 through 0.8.1 contain a vulnerability in the command handler where permission checks are not properly enforced for certain administrative commands. This allows users without the required roles or privileges to execute sensitive commands such as `ban`, `kick`, or `shutdown`, potentially disrupting server operations. Version 1.0.0 fixes the issue.

Reference

https://discordjs.guide/popular-topics/permissions.html
https://github.com/Death1Clown/VoidBot_open-source/security/advisories/GHSA-6rr8-9c8q-m5rv

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

16-07-2025 - 16:15

Objavljeno

16-07-2025 - 16:15