Meta

Meta, the social media and technology conglomerate behind Facebook, Instagram, and other platforms, has a high-severity local vulnerability (CVSS 7.8) that requires user interaction but requires no authentication and can compromise confidentiality, integrity, and availability. The flaw can be exploited by a local attacker who tricks a user into running malicious code, potentially giving an attacker full control over the affected system. Security teams should monitor for patches between now and the July 2, 2026 deadline and assess whether this vulnerability affects their Meta-based infrastructure or user endpoints.