CVE-2019-18426CISA KEVEPSS p99.2%

CVE-2019-18426WhatsApp Cross-Site Scripting Vulnerability

Meta Platforms / WhatsApp

Description

A vulnerability in WhatsApp Desktop when paired with WhatsApp for iPhone allows cross-site scripting and local file reading.

Scoring

EPSS67.86% probability of exploitation · percentile 99.2% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2022-05-23

(incoming)1

TypeTargetConfidenceTier
KEVEntryWhatsApp Cross-Site Scripting Vulnerabilitykev-cve-2019-184260%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
WhatsApp VOIP Stack Buffer Overflow Vulnerability
CVE
Meta Platforms WhatsApp Incorrect Authorization Vulnerability
CVE
Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability
CVE
Apple iOS, iPadOS, and watchOS WebKit Cross-Site Scripting (XSS) Vulnerability
CVE
CVE-2026-42897
CVE
Apple iOS, iPadOS, and macOS WebKit Remote Code Execution Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.