SecAlerts
CVE ListPricingSign Up
Meta logo

Meta

Security Risk Profile

59
/100
medium

Security Risk Score

Comprehensive risk assessment based on 38 vulnerabilities, EPSS scores, exploitation status, and remediation availability.

📅 Data spans from October 29, 2024 to present

38
Total CVEs
3
Critical+High
14
Exploited
1
Unpatched

Threat Assessment

Avg CVSS
7.1
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
1
Critical/High
Risk Level
59/100
medium
⚠️ 14 Active Exploits 13 Zero-Days

Severity Distribution

Critical
2
High
1
Medium
4
Low
0

Exploit Likelihood

>50% chance
0
20-50%
0
5-20%
0
<5%
2

Age Distribution

Common Weaknesses (CWE)

1
XSS
1

Most Affected Products

1. Vercel Next.js Node.js167
2. Meta WhatsApp22
3. Meta React10
4. Facebook React7
5. npm/react-server-dom-webpack6

Recent Vulnerabilities

See more →
https://www.zdnet.com/article/microsoft-obliterated-ai-safety-guardrails-with-one-prompt/
unknown

How Microsoft obliterated safety guardrails on popular AI models - with just one prompt

2/9/2026🔧 No Patch
https://www.theregister.com/2026/02/03/critical_react_native_metro_server/
unknown

Critical React Native Metro dev server bug under attack as researchers scream into the void

2/3/2026⚠ Exploited🔧 No Patch
https://www.bleepingcomputer.com/news/security/researcher-reveals-evidence-of-private-instagram-profiles-leaking-photos/
unknown

Researcher reveals evidence of private Instagram profiles leaking photos

1/31/2026⚠ Exploited🔧 No Patch
https://www.bleepingcomputer.com/news/security/critical-react2shell-flaw-exploited-in-ransomware-attacks/
unknown

Critical React2Shell flaw exploited in ransomware attacks

12/17/2025⚠ Exploited⚡ Zero-Day🔧 No Patch
https://www.theregister.com/2025/12/12/new_react_secretleak_bugs/
unknown

New React vulns leak secrets, invite DoS attacks

12/12/2025⚡ Zero-Day🔧 No Patch
https://www.theregister.com/2025/12/12/vulnerable_react_instances_unpatched/
unknown

Half of exposed React servers remain unpatched amid attacks

12/12/2025⚠ Exploited⚡ Zero-Day🔧 No Patch
CVE-2025-67779
CVSS 7.5high

additional act vulnerabilities (CVE-2025-55183, CVE-2025-55184, CVE-2025-67779)

12/11/2025
https://www.bleepingcomputer.com/news/security/north-korean-hackers-exploit-react2shell-flaw-in-etherrat-malware-attacks/
unknown

North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks

12/9/2025🔧 No Patch
https://www.theregister.com/2025/12/05/react2shell_pocs_exploitation/
unknown

Cloudflare blames Friday outage on borked fix for React2shell vuln

12/5/2025🔧 No Patch
https://www.bleepingcomputer.com/news/security/react2shell-critical-flaw-actively-exploited-in-china-linked-attacks/
unknown

Critical React2Shell flaw actively exploited in China-linked attacks

12/5/2025⚠ Exploited⚡ Zero-Day🔧 No Patch

Monitor Meta in Real-Time

Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
Powered bySecAlerts

Monitor Your Software Stack in Real-Time

Get instant alerts when vulnerabilities are discovered in your software stack. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
AboutNewsDocumentationTermsContact

© 2026 SecAlerts Pty Ltd. All rights reserved.