Known Vulnerabilities for products from Facebook

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Facebook".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-32491 Not Provided 2026-03-25 2026-03-25
CVE-2025-64296 Not Provided 2025-10-29 2026-04-01
CVE-2025-63022 Not Provided 2025-12-31 2026-04-01
CVE-2025-58031 Not Provided 2025-09-22 2026-04-01
CVE-2025-48256 Not Provided 2025-05-19 2026-04-01
CVE-2025-47531 Not Provided 2025-05-07 2026-04-01
CVE-2025-32169 Not Provided 2025-04-04 2026-04-01
CVE-2025-31433 Not Provided 2025-03-28 2026-04-01
CVE-2025-25086 Not Provided 2025-03-27 2026-04-01
CVE-2025-23814 Not Provided 2025-03-03 2026-04-01
CVE-2021-39207 parlai is a framework for training and evaluating AI models on a variety of openly available dialogue datasets. In affected v... 8.8 - HIGH 2021-09-10 2021-09-23
CVE-2021-24218 The wp_ajax_save_fbe_settings and wp_ajax_delete_fbe_settings AJAX actions of the Facebook for WordPress plugin before 3.0.4 ... 8.8 - HIGH 2021-04-12 2021-04-20
CVE-2021-24217 The run_action function of the Facebook for WordPress plugin before 3.0.0 deserializes user supplied data making it possible ... 8.1 - HIGH 2021-04-12 2021-04-20
CVE-2021-24045 A type confusion vulnerability could be triggered when resolving the "typeof" unary operator in Facebook Hermes prior to v0.1... 9.8 - CRITICAL 2021-12-13 2021-12-15
CVE-2021-24044 By passing invalid javascript code where await and yield were called upon non-async and non-generator getter/setter functions... 9.8 - CRITICAL 2022-01-15 2022-01-24
CVE-2021-24040 Due to use of unsafe YAML deserialization logic, an attacker with the ability to modify local YAML configuration files could ... 9.8 - CRITICAL 2021-09-10 2021-09-24
CVE-2021-24037 A use after free in hermes, while emitting certain error messages, prior to commit d86e185e485b6330216dee8e854455c694e3a36e a... 9.8 - CRITICAL 2021-06-15 2021-06-23
CVE-2021-24036 Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading to an out of bounds write on... 9.8 - CRITICAL 2021-07-23 2022-10-26
CVE-2021-24033 react-dev-utils prior to v11.0.4 exposes a function, getProcessForPort, where an input argument is concatenated into a comman... 5.6 - MEDIUM 2021-03-09 2021-03-16
CVE-2021-24032 Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility crea... 4.7 - MEDIUM 2021-03-04 2021-04-28
Results limited to 20 most recent vulnerabilities

Known software with vulnerabilities from Facebook

Type Vendor Product Version
ApplicationFacebookAl Jazeera6
ApplicationFacebookArabic Troll Football1.0.1
ApplicationFacebookBarcode Scanner2.3.0
ApplicationFacebookBest Beginning2
ApplicationFacebookBilingual Magic Ball0.1
ApplicationFacebookBilingual Magic Ball Relajo0.1
ApplicationFacebookBite It!1.1.8
ApplicationFacebookBuck2015.09.10.01
ApplicationFacebookCreate-react-app0.5.0
ApplicationFacebookFace Fun Photo Collage Maker 21.3.0
ApplicationFacebookFacebook For Woocommerce1.9.11
ApplicationFacebookFacebook Platform1.0
ApplicationFacebookFire Equipments Screen Lock1.1
ApplicationFacebookFizz2018.09.24.00
ApplicationFacebookFolly0.22.0
ApplicationFacebookHermes-
ApplicationFacebookHhvm2.2.0
ApplicationFacebookHiphop Virtual Machine2.2.0
ApplicationFacebookHunting Trophy Whitetails0.75.13441.88885
ApplicationFacebookInstagram-
Results limited to 20 most recent known configurations