CVE Tools

meta

OSS LibrariesUScommercial

6

Cumulative CVEs

1

Monthly snapshots

#140

Peak rank

Top products

Latest CVEs

The 13 most recently published vulnerabilities affecting meta.

CVE-2026-23870A denial of service vulnerability could be triggered by sending specially crafted HTTP requests to server function endpoints, this could lead to server crashes, out-of-memory exceptions or excessiv...7.5May 6, 2026
CVE-2026-23869A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack and react-server-dom-webpack (versions 19....7.5Apr 8, 2026
CVE-2026-23864Multiple denial of service vulnerabilities exist in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack. The vu...7.5Jan 26, 2026
CVE-2025-67779It was found that the fix addressing CVE-2025-55184 in React Server Components was incomplete and does not prevent a denial of service attack in a specific case. React Server Components versions 19...7.5Dec 11, 2025
CVE-2025-55184A pre-authentication denial of service vulnerability exists in React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: react-ser...7.5Dec 11, 2025
CVE-2025-55183An information leak vulnerability exists in specific configurations of React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: r...5.3Dec 11, 2025
CVE-2025-55182A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, rea...KEV10.0Dec 3, 2025
CVE-2025-30259The WhatsApp cloud service before late 2024 did not block certain crafted PDF content that can defeat a sandbox protection mechanism and consequently allow remote access to messaging applications b...3.5Mar 19, 2025
CVE-2024-49400Tacquito prior to commit 07b49d1358e6ec0b5aa482fcd284f509191119e2 was not properly performing regex matches on authorized commands and arguments. Configured allowed commands/arguments were intended...9.8Oct 17, 2024
CVE-2023-5654The React Developer Tools extension registers a message listener with window.addEventListener('message', <listener>) in a content script that is accessible to any webpage that is active in the brow...6.5Oct 19, 2023
CVE-2023-45239A lack of input validation exists in tac_plus prior to commit 4fdf178 which, when pre or post auth commands are enabled, allows an attacker who can control the username, rem-addr, or NAC address se...9.8Oct 6, 2023
CVE-2022-27492An integer underflow in WhatsApp could have caused remote code execution when receiving a crafted video file.7.8Sep 23, 2022
CVE-2022-36934An integer overflow in WhatsApp could result in remote code execution in an established video call.9.8Sep 22, 2022