Known Vulnerabilities for products from Whatsapp
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Whatsapp".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-39696 json | Not Provided | 2026-04-08 | 2026-04-08 | |
| CVE-2026-35589 json | Not Provided | 2026-04-14 | 2026-04-15 | |
| CVE-2026-34758 json | Not Provided | 2026-04-02 | 2026-04-03 | |
| CVE-2025-39411 json | Not Provided | 2025-05-19 | 2026-04-01 | |
| CVE-2025-31056 json | Not Provided | 2025-05-23 | 2026-04-01 | |
| CVE-2025-25138 json | Not Provided | 2025-02-07 | 2026-04-01 | |
| CVE-2024-52489 json | Not Provided | 2024-12-02 | 2026-04-01 | |
| CVE-2023-38538 json | A race condition in an event subsystem led to a heap use-after-free issue in established audio/video calls that could have re... | 5 - MEDIUM | 2023-10-04 | 2023-11-07 |
| CVE-2023-38537 json | A race condition in a network transport subsystem led to a heap use-after-free issue in established or unsilenced incoming au... | 5.6 - MEDIUM | 2023-10-04 | 2023-11-07 |
| CVE-2023-5668 json | Not Provided | 2023-10-20 | 2026-04-08 | |
| CVE-2022-36934 json | An integer overflow in WhatsApp could result in remote code execution in an established video call. | 9.8 - CRITICAL | 2022-09-22 | 2022-09-24 |
| CVE-2022-27492 json | An integer underflow in WhatsApp could have caused remote code execution when receiving a crafted video file. | 7.8 - HIGH | 2022-09-23 | 2022-09-23 |
| CVE-2021-24043 json | A missing bound check in RTCP flag parsing code prior to WhatsApp for Android v2.21.23.2, WhatsApp Business for Android v2.21... | 9.1 - CRITICAL | 2022-02-02 | 2022-02-07 |
| CVE-2021-24042 json | The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior to v2.21.23, WhatsApp for i... | 9.8 - CRITICAL | 2022-01-04 | 2022-01-14 |
| CVE-2021-24041 json | A missing bounds check in image blurring code prior to WhatsApp for Android v2.21.22.7 and WhatsApp Business for Android v2.2... | 9.8 - CRITICAL | 2021-12-07 | 2021-12-08 |
| CVE-2021-24035 json | A lack of filename validation when unzipping archives prior to WhatsApp for Android v2.21.8.13 and WhatsApp Business for Andr... | 9.1 - CRITICAL | 2021-06-11 | 2021-06-21 |
| CVE-2021-24027 json | A cache configuration issue prior to WhatsApp for Android v2.21.4.18 and WhatsApp Business for Android v2.21.4.18 may have al... | 7.5 - HIGH | 2021-04-06 | 2022-08-30 |
| CVE-2021-24026 json | A missing bounds check within the audio decoding pipeline for WhatsApp calls in WhatsApp for Android prior to v2.21.3, WhatsA... | 9.8 - CRITICAL | 2021-04-06 | 2021-04-15 |
| CVE-2020-20096 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2022-03-23 | 2022-03-30 |
| CVE-2020-1910 json | A missing bounds check in WhatsApp for Android prior to v2.21.1.13 and WhatsApp Business for Android prior to v2.21.1.13 coul... | 7.8 - HIGH | 2021-02-02 | 2021-02-08 |
Known software with vulnerabilities from Whatsapp
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | - | ||
| Application | Whatsapp Business | 2.19.100 | |
| Application | Whatsapp Enterprise Client | - |