|
211
|
- |
|
-
|
-
|
Quest Bot is an opensource Discord Bot. Prior to version 1.1.6, a moderator with the relevant Discord permission bit can use the bot to moderate users above them in the Discord role hierarchy, as lon…
New
|
CWE-862
Missing Authorization
|
CVE-2026-47197
|
2026-06-13 00:56 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212
|
- |
|
-
|
-
|
Quest Bot is an opensource Discord Bot. Prior to version 1.1.6, the latest release suppresses mentions when creating, unbanning, unwarning, kicking, muting, and unmuting, but stored warning reasons a…
New
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2026-48485
|
2026-06-13 00:56 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213
|
- |
|
-
|
-
|
Quest Bot is an opensource Discord Bot. Prior to version 1.1.8, any user who can access the ticket panel can repeatedly create new ticket channels. The latest release still creates a new database tic…
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-49347
|
2026-06-13 00:56 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214
|
- |
|
-
|
-
|
Frappe is a full-stack web application framework. Prior to versions 15.106.0 and 16.16.0, there is a possible SQL Injection via get_blog_list. This issue has been patched in versions 15.106.0 and 16.…
New
|
CWE-89
SQL Injection
|
CVE-2026-41581
|
2026-06-13 00:56 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215
|
- |
|
-
|
-
|
Frappe is a full-stack web application framework. Prior to version 15.106.0, a stored XSS vulnerability in the user profile image section allows an attacker to execute malicious scripts in the browse…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-44205
|
2026-06-13 00:56 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
216
|
- |
|
-
|
-
|
Frappe is a full-stack web application framework. Prior to versions 15.106.0 and 16.16.0, stored XSS in Note was possible due to lack of sanitization. This issue has been patched in versions 15.106.0…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-47739
|
2026-06-13 00:56 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
217
|
8.1 |
HIGH
Network
|
-
|
-
|
Netty is a network application framework for development of protocol servers and clients. In netty-handler prior to versions 4.1.135.Final and 4.2.15.Final, an attacker can bypass IPv6 subnet rules d…
New
|
CWE-284
CWE-697
Improper Access Control
Incorrect Comparison
|
CVE-2026-44249
|
2026-06-13 00:55 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218
|
7.5 |
HIGH
Network
|
-
|
-
|
Netty is a network application framework for development of protocol servers and clients. In netty-codec-redis prior to versions 4.1.135.Final and 4.2.15.Final, an attacker can cause DoS by sending a…
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-44250
|
2026-06-13 00:55 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219
|
7.5 |
HIGH
Network
|
-
|
-
|
Netty is a network application framework for development of protocol servers and clients. In netty-codec-redis prior to versions 4.1.135.Final and 4.2.15.Final, an attacker can cause DoS by sending c…
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-44890
|
2026-06-13 00:55 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220
|
7.5 |
HIGH
Network
|
-
|
-
|
Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, the default configuration of the `Http3ConnectionHandler` in the Netty HTTP/3 …
New
|
CWE-400
CWE-1188
Uncontrolled Resource Consumption
Insecure Default Initialization of Resource
|
CVE-2026-44892
|
2026-06-13 00:55 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
