CVE-2025-55179 – WhatsApp Cross-Site Request Forgery (CSRF) Vulnerability

CVE ID : CVE-2025-55179

Published : Nov. 18, 2025, 1:56 p.m. | 1 hour, 8 minutes ago

Description : Incomplete validation of rich response messages in WhatsApp for iOS prior to v2.25.23.73, WhatsApp Business for iOS v2.25.23.82, and WhatsApp for Mac v2.25.23.83 could have allowed a user to trigger processing of media content from an arbitrary URL on another user’s device. We have not seen evidence of exploitation in the wild.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…