Meta

Meta, the social media and technology conglomerate, has a high-severity local vulnerability (CVSS 7.8) that requires user interaction but no authentication to exploit, potentially allowing attackers with local access to compromise system confidentiality, integrity, and availability. The vulnerability was reported in March 2026 with a July 2026 deadline for the vendor to issue a patch. Security teams should monitor for this advisory's resolution and prepare to patch Meta products promptly once updates become available, particularly for systems where local user access is a concern.