Meta

Meta, the social media and technology conglomerate, has a local privilege escalation vulnerability with a CVSS score of 7.8 that requires user interaction but no authentication to exploit, potentially allowing an attacker to gain high-level access to confidentiality, integrity, and system availability. The vulnerability is locally exploitable and was reported in March 2026 with a vendor deadline of July 2026. Security teams should monitor Meta's advisory channels for patch releases and assess exposure within environments running affected Meta products or services.