Meta

Meta, the social media and technology conglomerate behind Facebook and Instagram, has a high-severity local vulnerability (CVSS 7.8) that requires user interaction but requires no authentication and can compromise confidentiality, integrity, and availability on an affected system. The flaw is exploitable through local access only, making it relevant primarily to endpoint security rather than remote attacks. Security teams should monitor for patches expected by July 2026 and assess which Meta products or services in their environment may be affected once details are disclosed.