WhatsApp for Windows Attachment Spoofing Vulnerability

Vulnerability

A spoofing vulnerability related to attachments has been identified in WhatsApp for Windows, affecting versions prior to 2.3000.1032164386.258709. This vulnerability could have allowed maliciously crafted documents, embedded with NUL bytes in the filename, to be displayed as one type of file within the application. However, when opened, these documents could execute as a different file type.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of files as executable programs, potentially allowing for the execution of malicious code on the user's system.

Added: May 1, 2026, 5:16 PM

Updated: May 1, 2026, 5:16 PM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

10.0

exploitability

4.2

remediation

0.0

relevance

7.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

10.0

exploitability

4.2

remediation

0.0

relevance

7.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

WhatsApp for Windows Attachment Spoofing Vulnerability

Vulnerability

Impact

Affected Products

WhatsApp

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating