Medium severity6.5NVD Advisory· Published May 1, 2026· Updated May 11, 2026
CVE-2026-23863
CVE-2026-23863
Description
An attachment spoofing issue in WhatsApp for Windows prior to v2.3000.1032164386.258709 could have allowed maliciously formatted documents with embedded NUL bytes in the filename to be shown in the application as one type of file but run as an executable when opened. We have not seen evidence of exploitation in the wild.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.facebook.com/security/advisories/cve-2026-23863nvdThird Party Advisory
- www.whatsapp.com/security/advisories/2026nvdVendor Advisory
News mentions
42- Week in review: Cisco patches SD-WAN 0-day, unpatched Microsoft Exchange Server flaw exploitedHelp Net Security · May 17, 2026
- Meta’s confusing new approach to chat privacyMalwarebytes Labs · May 15, 2026
- ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ StoriesThe Hacker News · May 14, 2026
- WhatsApp adds Incognito Chat for private Meta AI conversationsHelp Net Security · May 13, 2026
- Apple, Google drag cross-platform texting into the encrypted ageThe Register Security · May 12, 2026
- FCC Softens Ban on Foreign-Made RoutersDark Reading · May 11, 2026
- BWH Hotels guests warned after reservation data checks out with cybercrooksThe Register Security · May 11, 2026
- ⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and MoreThe Hacker News · May 11, 2026
- Instagram messaging encryption removed, and privacy advocates are pushing backHelp Net Security · May 11, 2026
- A week in security (May 4 – May 10)Malwarebytes Labs · May 11, 2026
- TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook WormsThe Hacker News · May 8, 2026
- Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store DownloadsThe Hacker News · May 8, 2026
- Meta U-turns on encryption push for Instagram as DMs go plaintextThe Register Security · May 8, 2026
- New TCLBanker malware self-spreads over WhatsApp and OutlookBleepingComputer · May 7, 2026
- ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New StoriesThe Hacker News · May 7, 2026
- Fake call logs, real payments: How CallPhantom tricks Android usersESET WeLiveSecurity · May 7, 2026
- VoidStealer Malware Darts Past Google Chrome's EncryptionDark Reading · May 6, 2026
- Critical Bug Could Expose 300,000 Ollama Deployments to Information TheftSecurityWeek · May 5, 2026
- Update WhatsApp now: Two new flaws could expose you to malicious filesMalwarebytes Labs · May 5, 2026
- WhatsApp Discloses File Spoofing, Arbitrary URL Scheme VulnerabilitiesSecurityWeek · May 5, 2026
- Meta adds proof-based security to encrypted backupsHelp Net Security · May 5, 2026
- ⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & MoreThe Hacker News · May 4, 2026
- 30,000 Facebook Accounts Hacked via Google AppSheet Phishing CampaignThe Hacker News · May 1, 2026
- The Good, the Bad and the Ugly in Cybersecurity – Week 18SentinelOne Labs · May 1, 2026
- ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More StoriesThe Hacker News · Apr 30, 2026
- Risky Business #835 -- Why the Fast16 malware is badassRisky Business · Apr 29, 2026
- ICE Uses Graphite SpywareSchneier on Security · Apr 22, 2026
- New NGate variant hides in a trojanized NFC payment appESET WeLiveSecurity · Apr 21, 2026
- 20th April – Threat Intelligence ReportCheck Point Research · Apr 20, 2026
- The Good, the Bad and the Ugly in Cybersecurity – Week 16SentinelOne Labs · Apr 17, 2026
- Middle East Hack-for-Hire Operation Traced to South Asian Cyber Espionage GroupInfosecurity Magazine · Apr 9, 2026
- 6th April – Threat Intelligence ReportCheck Point Research · Apr 6, 2026
- NCSC Issues Security Alert Over Hackers Targeting WhatsApp and Signal AccountsInfosecurity Magazine · Apr 2, 2026
- NCSC warns of messaging app targetingNCSC UK · Mar 31, 2026
- Silver Fox Cyber Campaigns Show Shift Toward Dual EspionageInfosecurity Magazine · Mar 24, 2026
- Handala Group Tied to Iranian Hack‑and‑Leak Operations, FBI RevealsInfosecurity Magazine · Mar 24, 2026
- Move fast and save things: A quick guide to recovering a hacked accountESET WeLiveSecurity · Mar 20, 2026
- Iran-Backed Hackers Claim Wiper Attack on Medtech Firm StrykerKrebs on Security · Mar 11, 2026
- Risky Business #828 -- The Coruna exploits are truly exquisiteRisky Business · Mar 11, 2026
- Only 24% Of organizations Test Identity Recovery Every Six MonthsInfosecurity Magazine · Mar 10, 2026
- Russian Hackers Target WhatsApp and Signal Accounts of Global Military and Government OfficialsInfosecurity Magazine · Mar 10, 2026
- How AI Assistants are Moving the Security GoalpostsKrebs on Security · Mar 8, 2026