Meta

Meta, the technology company behind Facebook and Instagram, has a high-severity local vulnerability (CVSS 7.8) that requires no authentication and can be exploited through user interaction to compromise confidentiality, integrity, and availability. The flaw is locally exploitable, meaning an attacker would need access to the target system but could execute a malicious action if a user interacts with it. Security teams should monitor for patches expected by July 2026 and watch for any exploitation attempts targeting Meta's products that could lead to unauthorized data access or system compromise.