- What is the Meta CNA?
- Meta is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 8 CVE records since 2025.
- How many CVEs has Meta published?
- Meta has published 8 CVE records, including 8 in the last two years.
- What is Meta's CVE data quality grade?
- RadicalNotion.AI grades Meta's CVE data quality as C, with an overall completeness score of 78.1%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (75%), and CWE (37.5%) information.
- What products does Meta publish CVEs for?
- Meta most frequently publishes CVEs for react-server-dom-parcel, react, react-server-dom-turbopack, react-server-dom-webpack, next.js.
- Which vendors does Meta cover?
- Meta publishes CVEs across 3 distinct vendors, most often Facebook, Meta, vercel, Red Hat, whatsapp.
- Is Meta actively publishing CVEs?
- Meta is currently active, based on 8 CVEs in the last two years.
- What is the average severity of Meta's CVEs?
- The average CVSS base score across Meta's scored CVEs is 6.8.
- How many critical CVEs has Meta published?
- Meta has published 1 critical-severity CVEs and 6 high-severity CVEs.
- Are any of Meta's CVEs in CISA's Known Exploited Vulnerabilities catalog?
- Yes. 1 of Meta's CVEs are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog, meaning they are confirmed to be exploited in the wild.
- What are the most common weakness types in Meta's CVEs?
- Meta's CVEs most often map to these CWE weakness types: CWE-502 (Deserialization of Untrusted Data), CWE-158 (Improper Neutralization of Null Byte or NUL Character), CWE-400 (Uncontrolled Resource Consumption), CWE-125 (Out-of-bounds Read).
- How does Meta rank among CNAs?
- By total CVE volume, Meta ranks #324 of 370 CNAs, and it reports more complete CVE records than 28% of all CNAs.