Meta

Meta, a major social media and technology company, has a high-severity vulnerability (CVSS 7.8) that requires local access and user interaction to exploit, but delivers significant damage once triggered including confidentiality, integrity, and availability compromise. The vulnerability does not require authentication or network access, making it a concern for local attackers who can trick users into executing malicious actions. Security teams should monitor for patches from Meta before the July 2026 deadline and watch for any exploitation attempts targeting local user sessions.