External risk intelligence

Quest Bot Privileged Workflow Allows Malicious Container Deployment

CVE advisory

Severity: CRITICAL (CVSS 9.5)

CVE-2026-47172

A vulnerability exists in Quest Bot's deployment workflow that could allow an attacker to deploy malicious code in a production environment, leading to bot compromise. The issue occurs if an attacker can submit a pull request from a specific branch, potentially enabling the build and deployment of attacker-controlled c

Halo Surface Signal

External exposure likelihood

Halo Surface Signal score for CVE-2026-47172: 1

The vulnerability exists within the CI/CD deployment workflow and build pipeline process of the software repository. This is a build-time and development-infrastructure issue rather than a service or feature accessible via the public internet.

PCI scan relevance

PCI Relevance for CVE-2026-47172

Yes

CVE-2026-47172 — Halo PCI Relevance: Yes. Under typical PCI ASV external scan criteria, this issue may be flagged for scan prioritization.

An attacker who exploits this issue can push attacker-controlled code into the production bot. If that production system is in PCI scope, the resulting compromise could surface as ASV scan findings. Note that the workflow itself is not reachable by an external scan (see the Halo Surface Signal above); the relevance comes from what a compromised deployment could expose.

Scan-prioritization guidance only—not a PCI DSS certification or ASV attestation.

Horizon Alert

Summary of the vulnerability and why it matters

A security vulnerability has been identified in Quest Bot, an open-source Discord bot. The issue resides within its deployment workflow, potentially allowing an attacker to trigger the build and deployment of malicious code in a production environment. This could lead to the compromise of the bot.

  • Malicious code could be deployed to production.
  • This impacts software development and deployment processes.
  • Confirm relevance and ensure affected systems are secured.

Attack Path

How an attacker could exploit the issue

An attacker could start the compromise by opening a pull request whose source branch is named `main` against the Quest Bot repository. That pull request triggers the privileged deployment workflow, whose branch check mistakes the pull request's head commit for code already on the protected `main` branch. The workflow then builds the attacker-controlled commit into a container image and deploys it, compromising the production bot.

  • Attacker opens a pull request from a branch named `main`.
  • The privileged workflow builds the pull request's commit as if it were trusted `main` code.
  • The resulting container image is deployed, compromising the production bot.

Live Threat

Current exploitation, exposure, and threat context

This vulnerability could impact the integrity of deployed container images and trigger production deployments based on attacker-controlled code. This occurs when an attacker can open a pull request from a branch named `main`, causing the bot's deploy workflow to execute malicious code in a privileged context.

  • Malicious container deployment.
  • Pull request from attacker branch.
  • Production bot compromise.

Priority actions

Operational Fix

Recommended remediation, mitigation, and detection steps

This vulnerability affects Quest Bot's automated deployment workflow, potentially allowing an attacker to deploy malicious code. The team that owns the bot's development pipeline and infrastructure, typically a platform or DevOps team, should investigate. The first practical steps are to locate every CI/CD pipeline that builds and deploys Quest Bot, confirm whether the affected deploy workflow is active and can be triggered by pull requests from outside the trusted contributor set, and check the deployed version against 1.0.3, which contains the fix.

  • Identify who owns the CI/CD pipeline and the bot code.
  • Confirm the deploy workflow is active and check the running version.
  • Upgrade to 1.0.3 or later and harden the build and deploy workflow so pull requests cannot trigger privileged deployments.

Frequently asked questions

What is Quest Bot?

Quest Bot is an open-source tool designed for Discord servers. It provides automated features such as moderation, helpful utilities, and support capabilities. Users deploy this software to manage community interactions and streamline server administration tasks directly within the Discord platform.

What does CWE-829 mean for CVE-2026-47172?

CWE-829, Inclusion of Functionality from an Untrusted Control Sphere, covers software that imports and executes code it does not control. In the context of CVE-2026-47172, the automated build system trusts and executes code submitted by an unauthorized contributor, so that external code runs with the same elevated permissions normally reserved for legitimate, trusted production updates.

How does an attacker trigger this vulnerability?

An attacker triggers the flaw by submitting a pull request to the repository from a branch named `main`. The deployment workflow then mistakes this external contribution for verified production code. Simply viewing the repository or using the bot does not trigger the bug; the attacker must be able to interact with the project's development workflow and open a pull request.

Is my instance of Quest Bot affected?

According to Halo Surface Signal, this vulnerability is unlikely to be reachable from the public internet because it exists within the internal build and deployment pipeline rather than the bot's user-facing features. You are primarily at risk if you actively maintain and build the project's source code, as the issue specifically affects the automated infrastructure responsible for creating and deploying container images.

How do I secure my installation?

The most effective first step is to update to version 1.0.3 or later, which contains the patches that fix the workflow logic. If you manage the development pipeline, verify your current version immediately and review your CI/CD configuration so that pull requests from untrusted sources cannot trigger privileged deployment tasks. In particular, do not gate a deploy job on a branch name alone, since the submitter of a pull request chooses the source branch name, and do not build or deploy a pull request's head commit from a workflow that has access to production secrets.
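The following script is an added example for the attack path and the remediation review described on this page; it is not Quest Bot's code, and the two workflow files embedded in it are constructed to illustrate the pattern, not copies of the project's real workflow. It is a heuristic audit over GitHub Actions YAML that flags a workflow which runs on `pull_request_target` (and so carries the repository's secrets), checks out the pull request's head commit, and gates a job on a branch-name expression that an external pull request can satisfy. Registry names and secret names are placeholders.

```python
"""Heuristic audit for the deploy-workflow hazard described on this page.

A GitHub Actions workflow is flagged when it (1) runs on pull_request_target,
which executes with the base repository's secrets, (2) checks out the pull
request's head commit, and (3) gates a job on a branch-name expression that
an external pull request can satisfy. Regexes over the raw text are used
instead of a YAML parser so the script needs only the standard library.
"""
import re

# Constructed sample workflows for this example. They illustrate the pattern
# the advisory describes and are NOT Quest Bot's real workflow files.
VULNERABLE_WORKFLOW = """\
name: deploy
on:
  push:
    branches: [main]
  pull_request_target:
jobs:
  build-and-deploy:
    # Meant as "only deploy main", but a PR whose source branch is named
    # main satisfies it, and the job still holds the repository's secrets.
    if: github.head_ref == 'main'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - run: docker build -t registry.example/quest-bot:latest .
      - run: docker push registry.example/quest-bot:latest
        env:
          REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
"""

HARDENED_WORKFLOW = """\
name: deploy
on:
  push:
    branches: [main]
jobs:
  build-and-deploy:
    # Deploy only for a push to the protected branch; PRs never reach here.
    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
    runs-on: ubuntu-latest
    environment: production
    steps:
      - uses: actions/checkout@v4
      - run: docker build -t registry.example/quest-bot:${{ github.sha }} .
      - run: docker push registry.example/quest-bot:${{ github.sha }}
        env:
          REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
"""

# Checkout of the PR head: the code being built is whatever the PR author pushed.
HEAD_CHECKOUT = re.compile(
    r"ref:\s*\$\{\{\s*github\.event\.pull_request\.head\.(?:sha|ref)\s*\}\}")
# Conditions that compare a ref or branch name to a literal. Under
# pull_request_target, github.ref is the *base* branch and github.head_ref is
# whatever the submitter named their branch, so neither proves a merge happened.
BRANCH_GATE = re.compile(
    r"^\s*if:.*github\.(?:ref|ref_name|head_ref)\s*==\s*'(?:refs/heads/)?[\w./-]+'",
    re.MULTILINE)


def trigger_block(workflow: str) -> str:
    """Return the text before `jobs:`, where the `on:` triggers are declared."""
    head, _, _ = workflow.partition("\njobs:")
    return head


def audit_workflow(workflow: str) -> list[str]:
    """Return human-readable findings; an empty list means no hazard matched."""
    findings: list[str] = []
    privileged = re.search(r"\bpull_request_target\b", trigger_block(workflow))
    if privileged is None:
        # push and plain pull_request runs do not hand base-repo secrets to PR code
        return findings
    if HEAD_CHECKOUT.search(workflow):
        findings.append(
            "pull_request_target checks out the PR head commit: untrusted code "
            "runs with the repository's secrets")
    for gate in BRANCH_GATE.findall(workflow):
        findings.append(
            f"branch-name gate {gate.strip()!r} is satisfiable by an external PR "
            "under pull_request_target")
    return findings


if __name__ == "__main__":
    for name, text in (("vulnerable", VULNERABLE_WORKFLOW),
                       ("hardened", HARDENED_WORKFLOW)):
        print(f"{name}: {audit_workflow(text) or ['no findings']}")
```

Run it against a checkout's `.github/workflows/*.yml` by passing each file's text to `audit_workflow`. The regexes are deliberately conservative: they do not understand YAML anchors or multi-line `if:` expressions, so a clean result is a reason to read the workflow, not a guarantee.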
