PT-2025-29868 · Voidbot · Voidbot
Death1Clown · Published 2025-07-16 · Updated 2025-07-16
CVE-2025-53943
CVSS v4.0: 8.7 (High)
Vector: AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions
VoidBot Open-Source versions 0.0.1 through 0.8.1
Description
VoidBot Open-Source is a customizable Discord bot. A flaw exists in the command handler where permission checks are not properly enforced for certain administrative commands. This allows users without the required roles or privileges to execute sensitive commands, potentially disrupting server operations.
Recommendations
Update to version 1.0.0 to resolve this issue.
Fix
LPE
Incorrect Authorization
Affected Products
Voidbot