Skip to main content

Natro Macro CVE-2026-28800

MEDIUM
Path Traversal (CWE-22)
2026-03-06 security-advisories@github.com
6.4
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
6.4 MEDIUM
AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
High
Privileges Required
High
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 22:06 vuln.today
CVE Published
Mar 06, 2026 - 07:16 nvd
MEDIUM 6.4

DescriptionGitHub Advisory

Natro Macro is an open-source Bee Swarm Simulator macro written in AutoHotkey. Prior to version 1.1.0, anyone with Discord Remote Control set up in a non-private channel gives access to any user with the permission to send message in said channel access to do anything on their computer. This includes keyboard and mouse inputs and full file access. This issue has been patched in version 1.1.0.

AnalysisAI

Natro Macro versions prior to 1.1.0 allow any user with message permissions in a Discord channel where Remote Control is enabled to execute arbitrary commands on affected systems, including keyboard and mouse control and unrestricted file access. The vulnerability stems from improper access controls on the remote control feature when configured in non-private channels. No patch is currently available for affected versions.

Technical ContextAI

Classified as CWE-22 (Path Traversal). Affects Natro Macro. Natro Macro is an open-source Bee Swarm Simulator macro written in AutoHotkey. Prior to version 1.1.0, anyone with Discord Remote Control set up in a non-private channel gives access to any user with the permission to send message in said channel access to do anything on their computer. This includes keyboard and mouse inputs and full file access. This issue has been patched in version 1.1.0.

RemediationAI

Fixed in version 1.1.0.. Validate and sanitize file path inputs. Use allowlists. Restrict network access to the affected service where possible.

Share

CVE-2026-28800 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy