Meta

Meta, the social media and technology conglomerate, has a high-severity local vulnerability (CVSS 7.8) that requires user interaction but no authentication to exploit, potentially allowing an attacker with local access to compromise confidentiality, integrity, and availability. The vulnerability affects a local system rather than being remotely exploitable, meaning an attacker would need physical or logical access to the target machine. Security teams should monitor for patches from Meta by the July 2026 deadline and restrict local access privileges on systems running affected Meta products or services.