Facebook Whatsapp For Ios
19 CVEs affecting Facebook Whatsapp For Ios. Latest disclosed: 2026-05-01. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-38537 | Medium | 5.6 | 2023-10-04 | A race condition in a network transport subsystem led to a heap use-after-free issue in established or unsilenced incoming audio/video calls that could have re… |
CVE-2025-55179 | Medium | 5.4 | 2025-11-18 | Incomplete validation of rich response messages in WhatsApp for iOS prior to v2.25.23.73, WhatsApp Business for iOS v2.25.23.82, and WhatsApp for Mac v2.25.23… |
CVE-2025-55177 | Medium | 5.4 | 2025-08-29 | Incomplete authorization of linked device synchronization messages in WhatsApp for iOS prior to v2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsAp… |
CVE-2023-38538 | Medium | 5.0 | 2023-10-04 | A race condition in an event subsystem led to a heap use-after-free issue in established audio/video calls that could have resulted in app termination or unexp… |
CVE-2026-23866 | Medium | 4.3 | 2026-05-01 | Incomplete validation of AI rich response messages for Instagram Reels in WhatsApp for iOS v2.25.8.0 to v2.26.15.72 and WhatsApp for Android v2.25.8.0 to v2.26… |
CVE-2021-24042 | | 2022-01-04 | The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior to v2.21.23, WhatsApp for iOS prior to v2.21.230, WhatsApp Bu… | |
CVE-2021-24026 | | 2021-04-06 | A missing bounds check within the audio decoding pipeline for WhatsApp calls in WhatsApp for Android prior to v2.21.3, WhatsApp Business for Android prior to v… | |
CVE-2020-1909 | | 2020-11-03 | A use-after-free in a logging library in WhatsApp for iOS prior to v2.20.111 and WhatsApp Business for iOS prior to v2.20.111 could have resulted in memory cor… | |
CVE-2020-1908 | | 2020-11-03 | Improper authorization of the Screen Lock feature in WhatsApp and WhatsApp Business for iOS prior to v2.20.100 could have permitted use of Siri to interact wit… | |
CVE-2020-1907 | | 2020-10-06 | A stack overflow in WhatsApp for Android prior to v2.20.196.16, WhatsApp Business for Android prior to v2.20.196.12, WhatsApp for iOS prior to v2.20.90, WhatsA… | |
CVE-2020-1904 | | 2020-10-06 | A path validation issue in WhatsApp for iOS prior to v2.20.61 and WhatsApp Business for iOS prior to v2.20.61 could have allowed for directory traversal overwr… | |
CVE-2020-1903 | | 2020-10-06 | An issue when unzipping docx, pptx, and xlsx documents in WhatsApp for iOS prior to v2.20.61 and WhatsApp Business for iOS prior to v2.20.61 could have resulte… | |
CVE-2020-1901 | | 2020-10-06 | Receiving a large text message containing URLs in WhatsApp for iOS prior to v2.20.91.4 could have caused the application to freeze while processing the message. | |
CVE-2019-11931 | | 2019-11-14 | A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the e… | |
CVE-2019-11927 | | 2019-09-27 | An integer overflow in WhatsApp media parsing libraries allows a remote attacker to perform an out-of-bounds write on the heap via specially-crafted EXIF tags… | |
CVE-2018-6350 | | 2019-06-14 | An out-of-bounds read was possible in WhatsApp due to incorrect parsing of RTP extension headers. This issue affects WhatsApp for Android prior to 2.18.276, Wh… | |
CVE-2018-20655 | | 2019-06-14 | When receiving calls using WhatsApp for iOS, a missing size check when parsing a sender-provided packet allowed for a stack-based overflow. This issue affects… | |
CVE-2019-3568 | | 2019-05-14 | A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number… | |
CVE-2018-6344 | | 2018-12-31 | A heap corruption in WhatsApp can be caused by a malformed RTP packet being sent after a call is established. The vulnerability can be used to cause denial of… |