CVE-2026-23866
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-23866
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Incomplete validation of AI rich response messages for Instagram Reels in WhatsApp for iOS v2.25.8.0 to v2.26.15.72 and WhatsApp for Android v2.25.8.0 to v2.26.7.10 could have allowed a user to trigger processing of media content from an arbitrary URL on another user’s device, including triggering OS-controlled custom URL scheme handlers. We have not seen evidence of exploitation in the wild.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Facebook WhatsApp 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Facebook WhatsApp是美国Facebook公司的一套基于Android平台的、利用网络传送短信的移动应用程序。该应用程序通过智能手机中的联络人信息,查找使用该软件的联络人传送文字、图片等。 Facebook WhatsApp v2.25.8.0至v2.26.15.72版本和WhatsApp for Android v2.25.8.0至v2.26.7.10版本存在安全漏洞,该漏洞源于对Instagram Reels的AI丰富响应消息验证不完整,可能导致用户触发从任意URL处理媒体内容,包括触发
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| WhatsApp for Android | 2.25.8.0 ~ 2.26.7.10 | - | ||
| WhatsApp for iOS | 2.25.8.0 ~ 2.26.15.72 | - |
II. Public POCs for CVE-2026-23866
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-23866
请登录查看更多情报信息。
- WhatsApp Security Advisories 2026x_refsource_CONFIRM
- CVE-2026-23866x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2026-23866
IV. Related Vulnerabilities
V. Comments for CVE-2026-23866
No comments yet