Meta

Meta, the social media and technology conglomerate, has a local vulnerability with a CVSS score of 7.8 that requires user interaction but no authentication, potentially allowing attackers with local access to compromise confidentiality, integrity, and availability. The attack vector is limited to the local system, meaning an attacker would need physical or local network access to exploit it, though the high impact across all security domains (data theft, modification, and denial of service) makes this a serious concern. Security teams should monitor for patches from Meta by late July 2026 and prioritize systems where untrusted users have local access or where malicious applications could be executed.