Zero Day FreeType Vulnerability Disclosed by Meta

by Justin Erickson

Meta’s security team has disclosed details of a zero-day flaw in version 2.13.0 of FreeType, a popular font-rendering library. Reports suggest that the vulnerability may be actively exploited in the wild, potentially allowing attackers to gain unauthorized access and execute arbitrary code. FreeType is widely used across multiple platforms, which raises concerns about the scope of possible impacts. Users are highly advised to update to the latest version of FreeType, as any version past 2.13.0 has a patch for this vulnerability. The flaw is listed as CVE-2025-27363.