Skip to content
  • Home
  • Apps
    • CallingMessagingGroupsStatusChannelsMeta AISecurity
  • Privacy
  • Help Center
  • Blog
  • For Business
Download
Terms & Privacy Policy2026 © WhatsApp LLC
WhatsApp Main PageWhatsApp Main Page
    • Calling

      Stay connected with voice and video.

    • Messaging

      Say it with stickers, voice, GIFs and more.

    • Groups

      Messaging features you need to connect in groups.

    • Channels

      Stay updated on topics you care about.

    • Meta AI

      Get help with anything, all with the safety and privacy on WhatsApp.

    • Status

      Share your everyday with photos, videos and voice notes.

    • Security

      Layers of protection to help you stay safe.

  • Privacy
  • Help Center
  • Blog
  • For Business
  • Apps
Log inDownload

WhatsApp Security Advisories

2026 Updates

CVE-2026-23866

Incomplete validation of AI rich response messages for Instagram Reels in WhatsApp for iOS v2.25.8.0 to v2.26.15.72 and WhatsApp for Android v2.25.8.0 to v2.26.7.10 could have allowed a user to trigger processing of media content from an arbitrary URL on another user’s device, including triggering OS-controlled custom URL scheme handlers. We have not seen evidence of exploitation in the wild.

Acknowledgements: External Researcher via Meta Bug Bounty submission and Meta Security Team.

CVE-2026-23863

An attachment spoofing issue in WhatsApp for Windows prior to v2.3000.1032164386.258709 could have allowed maliciously formatted documents with embedded NUL bytes in the filename to be shown in the application as one type of file but run as an executable when opened. We have not seen evidence of exploitation in the wild.

Acknowledgements: External Researcher via Meta Bug Bounty submission

Download
WhatsApp Main Logo
WhatsApp Main Logo
Download

What we do

FeaturesBlogSecurityFor Business

Who we are

About usCareersBrand CenterPrivacy

Use WhatsApp

AndroidiPhoneMac/PCWhatsApp Web

Need help?

Contact UsHelp CenterAppsSecurity Advisories
Download

2026 © WhatsApp LLC

Terms & Privacy PolicySitemap