Meta

Meta, the social media and technology conglomerate, has a high-severity vulnerability (CVSS 7.8) that requires local access and user interaction but requires no authentication to exploit, potentially compromising confidentiality, integrity, and availability. The vulnerability was reported in March 2026 with a July deadline for patching, giving the vendor roughly four months to develop and release a fix. Security teams should monitor Meta's advisory channels closely for patch details and prioritize updates to affected Meta products once available, particularly for systems where local access controls may be weak.