QwikSec

Security Database

CVE

CWE

Training

CVE-2025-65957

Published: Nov 25, 2025

Modified: Nov 26, 2025

PUBLISHED

Description

Core Bot Is an Open Source discord bot made for maple hospital servers. Prior to commit dffe050, the API keys (SUPABASE_API_KEY, TOKEN) are loaded using environment variables, but there are cases in code (error handling, summaries, webhooks) where configuration summaries may inadvertently leak sensitive data (e.g., by failing to redact data in summary embeds or logs). This issue has been patched via commit dffe050.

Vendor	Product	Versions
Intercore-Productions	Core-Bot	affected `< dffe050d565a580edfcd0242efa45da88ab31260`

Weaknesses (CWE)

References

https://github.com/Intercore-Productions/Core-Bot/security/advisories/GHSA-42j6-x28v-38r8

x_refsource_CONFIRM

https://github.com/Intercore-Productions/Core-Bot/commit/dffe050d565a580edfcd0242efa45da88ab31260

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.