CVE-2026-24332
MEDIUM
Discord through 2026-01-16 - Information Disclosure via WebSocket API Response
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2026-24332. PoCs published by WhiteTPoison100.
AI-analyzed exploit summary
The repository claims to demonstrate CVE-2026-24332 but only contains a simulated presence monitoring script with no actual exploit code or technical details about the vulnerability. The README lacks depth and the script merely logs mock activity without interacting with Discord's API or exploiting any flaw.
Description
Discord through 2026-01-16 allows gathering information about whether a user's client state is Invisible (and not actually offline) because the response to a WebSocket API request includes the user in the presences array (with "status": "offline"), whereas offline users are omitted from the presences array. This is arguably inconsistent with the UI description of Invisible as "You will appear offline."
Exploits (1)
References (1)
Scores
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N