PT-2026-23653 · Unknown+1 · Bee Swarm Simulator+3

Datauwu

Published

2026-03-06

Updated

2026-03-06

CVE-2026-28800

CVSS v3.1

8.0

High

Vector

AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Natro Macro versions prior to 1.1.0

Description Natro Macro, an open-source Bee Swarm Simulator macro written in AutoHotkey, prior to version 1.1.0, allowed unauthorized access to a user's computer when Discord Remote Control was enabled in a non-private channel. This access included keyboard and mouse inputs, as well as full file access, for any user with message sending permissions in that channel.

Recommendations Update to version 1.1.0 or later.

Exploit

Fix

Path traversal

Improper Authentication

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22CWE-287CWE-434

Related Identifiers

CVE-2026-28800

GHSA-PH9R-2QJM-GHVG

Affected Products

Autohotkey

Bee Swarm Simulator

Discord

Natromacro

PT-2026-23653 · Unknown+1 · Bee Swarm Simulator+3

CVE-2026-28800

Weakness Enumeration

Related Identifiers

Affected Products

References · 7