Vulnerability Description
VoidBot Open-Source is a customizable Discord bot. VoidBot Open-Source versions 0.0.1 through 0.8.1 contain a vulnerability in the command handler where permission checks are not properly enforced for certain administrative commands. This allows users without the required roles or privileges to execute sensitive commands such as `ban`, `kick`, or `shutdown`, potentially disrupting server operations. Version 1.0.0 fixes the issue.
Related Weaknesses (CWE)
References
- https://discordjs.guide/popular-topics/permissions.html
- https://github.com/Death1Clown/VoidBot_open-source/security/advisories/GHSA-6rr8
FAQ
What is CVE-2025-53943?
CVE-2025-53943 is a documented vulnerability. VoidBot Open-Source is a customizable Discord bot. VoidBot Open-Source versions 0.0.1 through 0.8.1 contain a vulnerability in the command handler where permission checks are not properly enforced for...
How severe is CVE-2025-53943?
CVSS scoring is not yet available for CVE-2025-53943. Check NVD for updates.
Is there a patch for CVE-2025-53943?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.