{"id":"CVE-2021-37696","details":"tmerc-cogs are a collection of open source plugins for the Red Discord bot. A vulnerability has been found in the code that allows any user to access sensitive information by crafting a specific MassDM message. Issue is patched in commit 92325be650a6c17940cc52611797533ed95dbbe1. All users are advised to update to the current commit. As a workaround users may unload the MassDM cog or globally disable the `[p]massdm` command.","modified":"2026-03-13T22:01:07.303237Z","published":"2021-08-11T23:15:07.953Z","related":["GHSA-ffhm-9c8j-wx9h"],"references":[{"type":"FIX","url":"https://github.com/tmercswims/tmerc-cogs/commit/92325be650a6c17940cc5"},{"type":"FIX","url":"https://github.com/tmercswims/tmerc-cogs/security/advisories/GHSA-ffhm-9c8j-wx9h"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/tmercswims/tmerc-cogs","events":[{"introduced":"0"},{"fixed":"92325be650a6c17940cc5"}]},{"type":"GIT","repo":"https://github.com/tmercswims/tmerc-cogs","events":[{"introduced":"0"},{"fixed":"92325be650a6c17940cc5"}]}],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"3.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-37696.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}