Meta

Meta, the social media and technology conglomerate, has a high-severity local vulnerability (CVSS 7.8) that requires user interaction but no authentication, allowing attackers with local access to compromise confidentiality, integrity, and availability of affected systems. The vulnerability was reported in March 2026 with a July 2026 deadline for patching, giving the vendor roughly four months to develop and release fixes. Security teams should monitor Meta's security advisories closely and prioritize patching once available, particularly for users in environments where local access by untrusted parties is a concern.