Facebook — Vulnerabilities & Security Advisories 140

Browse all 140 CVE security advisories affecting Facebook. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Facebook operates a global social networking platform facilitating user interaction, content sharing, and targeted advertising. With 140 recorded Common Vulnerabilities and Exposures (CVEs), its attack surface reflects the complexity of large-scale web infrastructure. Historically, the platform has been susceptible to cross-site scripting (XSS), which allows attackers to inject malicious scripts into web pages viewed by other users. Remote code execution (RCE) vulnerabilities have also appeared, potentially granting unauthorized access to underlying server systems. Additionally, privilege escalation flaws have enabled users to bypass intended access controls, accessing restricted data or features. Notable incidents include data breaches affecting millions of accounts and API misconfigurations that exposed private user information. These security challenges highlight the persistent risks associated with managing vast amounts of personal data and maintaining robust authentication mechanisms across a distributed network architecture.

CVEs 140

CVE ID	Title	CVSS	Severity	Published
CVE-2021-24042	WhatsApp 缓冲区错误漏洞 — WhatsApp DesktopCWE-122	9.8	-	2022-01-04
CVE-2021-24045	Facebook Hermes 安全漏洞 — HermesCWE-843	9.1	-	2021-12-13
CVE-2021-24041	Facebook WhatsApp 缓冲区错误漏洞 — WhatsApp Business for AndroidCWE-122	8.4	-	2021-12-07
CVE-2019-3556	Facebook HHVM 路径遍历漏洞 — HHVMCWE-22	8.1	-	2021-10-26
CVE-2021-24040	parlai 代码问题漏洞 — ParlAICWE-502	7.2	-	2021-09-10
CVE-2021-24038	Facebook Oculus Desktop 安全漏洞 — Oculus DesktopCWE-269	7.8	-	2021-08-18
CVE-2021-24036	Facebook HHVM 输入验证错误漏洞 — follyCWE-122	9.8	-	2021-07-23
CVE-2021-24037	Facebook Hermes 资源管理错误漏洞 — HermesCWE-416	8.1	-	2021-06-15
CVE-2021-24035	Facebook WhatsApp for Android 路径遍历漏洞 — WhatsApp Business for AndroidCWE-23	9.1	-	2021-06-11
CVE-2020-1920	React Native代码问题漏洞 — react-nativeCWE-1333	7.5	-	2021-06-01
CVE-2021-24028	Facebook Thrift 安全漏洞 — Facebook ThriftCWE-763	9.8	-	2021-04-13
CVE-2021-24027	Facebook WhatsApp 安全漏洞 — WhatsApp Business for AndroidCWE-524	7.5	-	2021-04-06
CVE-2021-24026	Facebook WhatsApp 缓冲区错误漏洞 — WhatsApp Business for iOSCWE-787	9.8	-	2021-04-06
CVE-2021-24029	Facebook Proxygen 安全漏洞 — mvfstCWE-617	7.5	-	2021-03-15
CVE-2020-1900	Facebook HHVM 资源管理错误漏洞 — HHVMCWE-416	9.4	-	2021-03-11
CVE-2020-1899	Facebook HHVM 缓冲区错误漏洞 — HHVMCWE-822	7.5	-	2021-03-11
CVE-2020-1898	Facebook HHVM 安全漏洞 — HHVMCWE-674	7.5	-	2021-03-11
CVE-2021-24030	Facebook Gameroom 参数注入漏洞 — Facebook GameroomCWE-88	9.8	-	2021-03-10
CVE-2021-24025	Katy Voor HHVM 输入验证错误漏洞 — HHVMCWE-122	9.8	-	2021-03-10
CVE-2020-1921	Katy Voor HHVM 缓冲区错误漏洞 — HHVMCWE-121	7.5	-	2021-03-10
CVE-2020-1919	Katy Voor HHVM 缓冲区错误漏洞 — HHVMCWE-125	7.5	-	2021-03-10
CVE-2020-1918	Katy Voor HHVM 缓冲区错误漏洞 — HHVMCWE-127	7.5	-	2021-03-10
CVE-2020-1917	Katy Voor HHVM 缓冲区错误漏洞 — HHVMCWE-122	9.8	-	2021-03-10
CVE-2020-1916	Katy Voor HHVM 缓冲区错误漏洞 — HHVMCWE-122	9.8	-	2021-03-10
CVE-2021-24033	react-dev-utils 操作系统命令注入漏洞 — react-dev-utilsCWE-78	8.1	-	2021-03-09
CVE-2021-24032	Zstandard 安全漏洞 — ZstandardCWE-277	5.5	-	2021-03-04
CVE-2021-24031	Zstandard 安全漏洞 — ZstandardCWE-277	5.5	-	2021-03-04
CVE-2020-1896	Facebook Hermes 缓冲区错误漏洞 — HermesCWE-121	9.8	-	2021-02-02
CVE-2020-1909	Facebook WhatsApp for iOS logging library 资源管理错误漏洞 — WhatsApp Business for iOSCWE-416	9.8	-	2020-11-03
CVE-2020-1908	Facebook WhatsApp 授权问题漏洞 — WhatsApp Business for iOSCWE-285	4.6	-	2020-11-03

This page lists every published CVE security advisory associated with Facebook. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Facebook — Vulnerabilities & Security Advisories 140