Baileys

CVEs (1)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2026-48063	WhiskeySockets Baileys	cri	0.52	—	—		Jun 10, 2026	### Impact Any baileys session under the latest version (< 7.0.0-rc12, and < 6.7.22) can be sent a malicious payload via the placeholderResendMessage and trigger a fake `messages.upsert` event with a fake message key and payload. This allows anyone to spoof messages. The…

CVE-2026-48063criJun 10, 2026
WhiskeySockets
Baileys
risk 0.52cvss —epss —
### Impact Any baileys session under the latest version (< 7.0.0-rc12, and < 6.7.22) can be sent a malicious payload via the placeholderResendMessage and trigger a fake `messages.upsert` event with a **fake message key and payload**. This allows anyone to spoof messages. The…