PT-2026-48861 · Quest Bot · Quest-Bot
Published: 2026-06-12 · Updated: 2026-06-12
CVE-2026-48485
CVSS v4.0: 2.1 (Low)
Vector: AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions
Quest Bot versions prior to 1.1.6
Description
Quest Bot suppresses mentions during several administrative actions, such as creating, unbanning, unwarning, kicking, muting, and unmuting. However, warning reasons stored in the system are printed by the /warns endpoint without mention suppression. This allows a moderator to include @everyone or @here in a warning reason, which can subsequently trigger a mass ping when the bot outputs that reason, provided the bot has the necessary permissions.
Recommendations
Update to version 1.1.6.
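The gap described above, shown at the message-payload level as an added example; it is not Quest Bot's code or its 1.1.6 fix. It assumes the bot posts through Discord's `allowed_mentions` message field and holds the permission to mention everyone; the function names and the sample warnings are constructed for illustration.

```python
import re

# Constructed sample data: warning reasons as stored by the bot.
STORED_WARNINGS = [
    {"id": 1, "reason": "spamming links"},
    {"id": 2, "reason": "final notice @everyone"},
    {"id": 3, "reason": "see pinned rules @here"},
]

ZWSP = "\u200b"  # zero-width space: breaks the mention token, invisible to readers
MASS_MENTION = re.compile(r"@(everyone|here)")


def neutralise(text):
    """Defence in depth: make @everyone/@here inert in the rendered text."""
    return MASS_MENTION.sub(lambda m: "@" + ZWSP + m.group(1), text)


def warns_payload_unsafe(warnings):
    """Behaviour described in the advisory: the stored reason is echoed back
    and no allowed_mentions field is sent, so mentions are parsed from content."""
    lines = [f"#{w['id']}: {w['reason']}" for w in warnings]
    return {"content": "\n".join(lines)}


def warns_payload_safe(warnings):
    """Hardened form: escape the stored text and ask Discord to parse no mentions."""
    lines = [f"#{w['id']}: {neutralise(w['reason'])}" for w in warnings]
    return {
        "content": "\n".join(lines),
        # An empty parse list suppresses every mention type for this message.
        "allowed_mentions": {"parse": []},
    }


def would_mass_ping(payload):
    """Simplified model (assumes the bot may mention everyone): a live mass
    mention in the content plus 'everyone' parsing left enabled."""
    allowed = payload.get("allowed_mentions")
    everyone_parsed = allowed is None or "everyone" in allowed.get("parse", [])
    return everyone_parsed and bool(MASS_MENTION.search(payload["content"]))


if __name__ == "__main__":
    print("unsafe:", would_mass_ping(warns_payload_unsafe(STORED_WARNINGS)))
    print("safe:  ", would_mass_ping(warns_payload_safe(STORED_WARNINGS)))
```

Applying the same suppression to every path that echoes stored, user-supplied text keeps a single endpoint from becoming the exception.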
Weakness Enumeration
Improper Encoding or Escaping of Output
Related Identifiers
Affected Products
Quest-Bot