WhatsApp has disclosed two medium-severity vulnerabilities that were patched earlier this year, both discovered through Meta's bug bounty program. The first flaw affected WhatsApp for Windows, allowing attackers to disguise malicious executables as harmless files, while the second impacted iOS and Android versions, potentially enabling attackers to redirect users to phishing sites or trigger custom URL schemes through improperly validated AI rich response messages for Instagram Reels. Meta says there's no evidence these vulnerabilities were exploited in the wild, and both issues were responsibly reported by security researchers.