Whatsapp: >> Whatsapp >> 0.2.5862 Security Vulnerabilities
A race condition in a network transport subsystem led to a heap use-after-free issue in established or unsilenced incoming audio/video calls that could have resulted in app termination or unexpected control flow with very low probability.
CVSS Score
5.6
EPSS Score
0.001
Published
2023-10-04
CVE-2019-18426
A vulnerability in WhatsApp Desktop versions prior to 0.3.9309 when paired with WhatsApp for iPhone versions prior to 2.20.10 allows cross-site scripting and local file reading. Exploiting the vulnerability requires the victim to click a link preview from a specially crafted text message.
Known exploited
CVSS Score
8.2
EPSS Score
0.522
Published
2020-01-21
An input validation issue affected WhatsApp Desktop versions prior to 0.3.3793 which allows malicious clients to send files to users that would be displayed with a wrong extension.
CVSS Score
5.3
EPSS Score
0.002
Published
2019-07-16