CVE-2026-23866 – WhatsApp
CVSS 4.3
MODERATE
“Even everyday messaging apps can quietly expose sensitive conversations.”
This patch addresses two vulnerabilities affecting WhatsApp for Android and WhatsApp Desktop for Windows. CVE-2026-23863 presents a medium-severity risk with potential impact on user data and application behavior in desktop environments. CVE-2026-23866, while lower in severity, still contributes to overall exposure on mobile devices and may affect how content is handled within the app.
CVE-2026-23863 has a CVSS score of 6.5, which is Medium severity. CVE-2026-23866 has a CVSS score of 4.3, which is Medium severity. There is no verified evidence of active exploitation or publicly available proof-of-concept code for these vulnerabilities.
Key Details
- Affected Product
- Whatsapp Whatsapp
- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- Low
- User Interaction
- None
- CWE Classification
- CWE-940
Patch this CVE on all your endpoints in under 5 minutes.
First 200 endpoints are free forever, scale as needed.