Meta

Meta, the social media and technology conglomerate, has a high-severity local vulnerability (CVSS 7.8) that requires user interaction to exploit but can compromise confidentiality, integrity, and availability once triggered. The flaw is locally accessible without authentication, meaning an attacker with physical or logical access to an affected system can trick a user into triggering the exploit to gain full system compromise. Security teams should monitor for patches due by July 24, 2026, and consider restricting local access on Meta-connected systems until updates are available.