Meta

Meta, the social media and technology conglomerate behind Facebook, Instagram, and other platforms, has a high-severity local vulnerability (CVSS 7.8) that requires user interaction to exploit but delivers significant impact through confidentiality, integrity, and availability compromises. The attack vector is limited to local access with no authentication required, making it exploitable by any user with physical or logical access to an affected system. Security teams should monitor for patches from Meta by the July 2026 deadline and prioritize testing in environments where untrusted local users may have device access.