CVE-2025-30401
published 2025-04-05CVE-2025-30401: A spoofing issue in WhatsApp for Windows prior to version 2.2450.6 displayed attachments according to their MIME type but selected the file opening handler…
PriorityP346medium6.7CVSS 3.1
AVNACHPRLUIRSUCHIHAL
EPSS
15.84%
96.5th percentile
A spoofing issue in WhatsApp for Windows prior to version 2.2450.6 displayed attachments according to their MIME type but selected the file opening handler based on the attachment’s filename extension. A maliciously crafted mismatch could have caused the recipient to inadvertently execute arbitrary code rather than view the attachment when manually opening the attachment inside WhatsApp. We have not seen evidence of exploitation in the wild.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| whatsapp_desktop_for_windows | >= 0.0.0 < 2.2450.6 | 2.2450.6 | |
| < 2.2450.6 | 2.2450.6 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Checkpoint
14th April – Threat Intelligence Report
blogs_checkpoint·2025-04-14
CVE-2024-50623 14th April – Threat Intelligence Report
Latest Publications
CPR Podcast Channel
AI Research
Web 3.0 Security
Intelligence Reports
ThreatCloud AI
Threat Intelligence & Research
Zero Day Protection
Sandblast File Analysis
About Us
SUBSCRIBE
2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
## 14th April – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 14th April, please download our Threat Intelligence Bulletin .
TOP ATTACKS AND BREACHES
The United States Office of the Comptroller of the Currency (OCC), an independent bureau of the Department of the Treasury, has suffered a significant security breach. Threat actors have gained access to the bureau’s email messages for a period of a year and a half. According to the agency’s disclosure, the messages included
Bleepingcomputer
WhatsApp flaw can let attackers run malicious code on Windows PCs
blogs_bleepingcomputer·2025-04-08·CVSS 6.7
CVE-2025-30401 [MEDIUM] WhatsApp flaw can let attackers run malicious code on Windows PCs
## WhatsApp flaw can let attackers run malicious code on Windows PCs
## Sergiu Gatlan
Meta warned Windows users to update the WhatsApp messaging app to the latest version to patch a vulnerability that can let attackers execute malicious code on their devices.
Described as a spoofing issue and tracked as CVE-2025-30401 , this security flaw can be exploited by attackers by sending maliciously crafted files with altered file types to potential targets.
Meta says the vulnerability impacted all WhatsApp versions and has been fixed with the release of WhatsApp 2.2450.6.
"A spoofing issue in WhatsApp for Windows prior to version 2.2450.6 displayed attachments according to their MIME type but selected the file opening handler based on the attachment's filename extension," WhatsApp explained i
2025-04-05
Published