Meta

Meta, the parent company of Facebook, Instagram, and WhatsApp, has a high-severity local vulnerability (CVSS 7.8) that requires user interaction but no authentication to exploit, potentially allowing an attacker with local access to compromise confidentiality, integrity, and availability of the affected system. The vulnerability is in their ecosystem and poses significant risk to users who may unknowingly trigger the flaw through normal interaction. Security teams should monitor for patches after the July 2026 vendor deadline and prioritize updates for systems running affected Meta products or services.