Meta

Meta, the parent company of Facebook, Instagram, and WhatsApp, has a high-severity vulnerability (CVSS 7.8) that requires local access and user interaction but requires no authentication, potentially allowing an attacker to compromise confidentiality, integrity, and availability of affected systems. The vulnerability was reported in March 2026 with a patching deadline of July 2026, giving the vendor approximately four months to develop and release a fix. Security teams should monitor Meta's advisories closely during this period and prioritize patching once updates become available, particularly for users on affected platforms or services.