WhatsApp users are advised to review their settings and ensure they have the latest app version installed due to security vulnerabilities recently identified by security researchers. These vulnerabilities affect how media files and attachments are managed, as well as WhatsApp for Windows users.
Although these flaws do not automatically infect devices, they could potentially facilitate social engineering attacks or be combined with other vulnerabilities for more serious threats, according to Malwarebytes experts. A malicious message could deceive a device into opening content from an untrusted source.
The vulnerabilities, known as CVE-2026-23866 and CVE-2026-23863, were uncovered through Meta’s Bug Bounty program. Currently, there is no evidence of real-world exploitation or phone infections related to these flaws. WhatsApp assured that they have not observed any exploitation in practice.
Nevertheless, the company has released an update and strongly recommends users to verify their settings. To ensure protection, users should promptly update WhatsApp on their devices. Android users can do this by accessing the Google Play Store, searching for WhatsApp Messenger, and selecting “Update.” iPhone users should open the App Store, tap their profile icon, find WhatsApp, and choose “Update.”
Following the installation of the update, devices will be safeguarded against potential future attacks. In related news, older Android devices may soon lose access to WhatsApp, as the platform plans to discontinue support for devices running versions older than Android 6 from September 8, 2026, as reported by WABetaInfo. Affected users may receive a message indicating that WhatsApp will cease to function on their devices.
While the majority of users are unlikely to be affected, since Android 6 was released in 2015 and is no longer prevalent on modern smartphones, it is essential for users to stay informed and keep their apps updated for security reasons.