Incomplete Validation Issue in WhatsApp for iOS and Mac
CVE-2025-55179

5.4MEDIUM

Key Information:

Vendor

Facebook

Status
WhatSAPp Business For iOS
WhatSAPp For iOS
WhatSAPp Desktop For Mac
Vendor
CVE Published:
18 November 2025

What is CVE-2025-55179?

WhatsApp for iOS and Mac has a vulnerability characterized by incomplete validation of rich response messages. This flaw allows a user to potentially process media content from arbitrary URLs on another user's device. This can lead to unauthorized actions, as prior versions recognized in the affected range fail to properly verify messages, posing a risk to user privacy and security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

WhatsApp Business for iOS 2.25.8.14 < 2.25.23.82

WhatsApp Desktop for Mac 2.25.8.14 < 2.25.23.83

WhatsApp for iOS 2.25.8.17 < 2.25.23.73

References

https://www.facebook.com/security/advisories/cve-2025-55179
x_refsource_CONFIRM
https://www.whatsapp.com/security/advisories/2025/
x_refsource_CONFIRM

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.