A critical vulnerability identified in WhatsApp for Windows allows attackers to execute arbitrary code by sending seemingly harmless file attachments that exploit the application's handling of MIME types and file extensions. Designated as CVE-2025-30401, the high-severity flaw affects versions up to 2.2450.5 and has been rectified in version 2.2450.6. The spoofing vulnerability could deceive users into interacting with malicious attachments, leading to unauthorized execution of code and potential data theft. This issue also raises concerns in group chats where a single malicious attachment can compromise multiple users. Immediate updating to a patched version is urged.
Source: https://cybersecuritynews.com/whatsapp-for-windows-vulnerability/
"id": "wha623040825",
"linkid": "whatsapp.",
"type": "Vulnerability",
"date": "4/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"