🚨 Medium Security Vulnerability
🆔 CVE-2025-30401
💣 CVSS Score: 6.7
📅 Published Date: 2025-04-07
⚠️ Details: A spoofing issue in WhatsApp for Windows prior to version 2.2450.6 displayed attachments according to their MIME type but selected the file opening handler based on the attachment’s filename extension. A maliciously crafted mismatch could have caused the recipient to inadvertently execute arbitrary code rather than view the attachment when manually opening the attachment inside WhatsApp.Affected Version Information:
- WhatsApp Desktop for Windows (Facebook)
- Default Status: unaffected
- affected from 0.0.0 before 2.2450.6
🛠 References:
🔗 NIST: https://nvd.nist.gov/vuln/detail/CVE-2025-30401
🔗 Facebook: https://www.facebook.com/security/advisories/cve-2025-30401
