CVE-2026-24332
Discord through 2026-01-16 allows gathering information about whether a user's client state is Invisible (and not actually offline) because the response to a WebSocket API request includes the user in the presences array (with "status": "offline"), whereas offline users are omitted from the presences array. This is arguably inconsistent with the UI description of Invisible as "You will appear offline."
Vendor
-
Product
-
CWE
Yayın Tarihi
2026-01-22 08:16:00
Güncelleme
2026-01-26 15:04:59
Source Identifier
cve@mitre.org
KEV Date Added
-