Vulnerabilities > CVE-2025-30401 - Unspecified vulnerability in Whatsapp

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

NVD

Published: 2025-04-05

Updated: 2025-04-09

Summary

A spoofing issue in WhatsApp for Windows prior to version 2.2450.6 displayed attachments according to their MIME type but selected the file opening handler based on the attachment’s filename extension. A maliciously crafted mismatch could have caused the recipient to inadvertently execute arbitrary code rather than view the attachment when manually opening the attachment inside WhatsApp. We have not seen evidence of exploitation in the wild.

Vulnerable Configurations

Part	Description	Count
Application	Whatsapp Whatsapp Whatsapp - Whatsapp Whatsapp 0.2.684 Whatsapp Whatsapp 0.2.777 Whatsapp Whatsapp 0.2.1061 Whatsapp Whatsapp 0.2.2243 Whatsapp Whatsapp 0.2.2478 Whatsapp Whatsapp 0.2.2731 Whatsapp Whatsapp 0.2.3120 Whatsapp Whatsapp 0.2.3572 Whatsapp Whatsapp 0.2.3698 Whatsapp Whatsapp 0.2.4240 Whatsapp Whatsapp 0.2.5371 Whatsapp Whatsapp 0.2.8505 Whatsapp Whatsapp 0.2.9008 Whatsapp Whatsapp 0.2.9229 Whatsapp Whatsapp 0.2.9737 Whatsapp Whatsapp 0.3.1071.0 Whatsapp Whatsapp 0.3.1847 Whatsapp Whatsapp 0.3.3793 Whatsapp Whatsapp 2.18.224 Whatsapp Whatsapp 2.18.368 Whatsapp Whatsapp 2.2320.2	22

Vulnerabilities > CVE-2025-30401 - Unspecified vulnerability in Whatsapp

Summary

Vulnerable Configurations

Related news

References