Last month WhatsApp quietly patched yet another critical vulnerability in its app that could have allowed attackers to remotely compromise targeted devices and steal secured chat messages and files stored on them. The vulnerability is a stack-based buffer overflow issue that resided in the way previous WhatsApp versions parse the elementary stream metadata of an MP4 file, resulting in denial-of-service or remote code execution attacks. The WhatsApp MP4 vulnerability came just two weeks after Facebook sued the NSO Group for misusing WhatsApp service to target its users.
Source: https://thehackernews.com/2019/11/whatsapp-hacking-vulnerability.html