Meta

Meta, the social media and technology conglomerate behind Facebook, Instagram, and WhatsApp, has a high-severity local vulnerability (CVSS 7.8) that requires user interaction but no authentication to exploit, potentially compromising confidentiality, integrity, and availability. The vulnerability is accessible only from a local machine and cannot be remotely exploited, meaning an attacker would need physical or logical access to trigger it through user interaction. Security teams should monitor for patches after the July 2, 2026 deadline and watch for any public exploit code targeting this local privilege escalation vector.