Meta

Meta, the social media and technology conglomerate, has a high-severity local vulnerability (CVSS 7.8) that requires user interaction but no authentication to exploit, potentially allowing attackers with local access to compromise confidentiality, integrity, and availability of affected systems. The vulnerability was reported in March 2026 with a July 2026 patch deadline. Security teams should monitor for exploitation attempts targeting local access scenarios and prioritize patching once Meta releases a fix, particularly for users in high-risk environments where physical device access cannot be fully controlled.