CVE-2026-48063 - Baileys protocolMessage spoofing and state corruption

Baileys sessions before 6.7.22 and release-candidate builds before 7.0.0-rc12 could accept malicious protocolMessage payloads that trigger fake messages.upsert events, spoof history sync context, and corrupt app state sync flows. An attacker can inject false message context or jam sync behavior without needing local code execution on the victim service.

The vendor notes partial containment options, but the durable fix is to upgrade every deployed session runtime.

When to use it

  • A Node service, bot, relay, support workflow, or sync worker resolves a vulnerable baileys or @whiskeysockets/baileys version.
  • Long-lived WhatsApp sessions process incoming protocolMessage, messages.upsert, history sync, or app-state sync events.
  • Downstream logic mutates durable state, cases, automations, or customer records from Baileys events.
  • You need a bounded PR or triage note that upgrades Baileys and records rollout containment for session workers.

Inputs

  • Node manifests, lockfiles, workspaces, package overrides, Dockerfiles, SBOMs, deployment manifests, and generated dependency reports.
  • Baileys package names and resolved versions for every worker, bot, relay, and long-lived session runtime.
  • Event handlers for messages.upsert, history sync, app-state sync, durable state mutation, and any temporary event-drop controls.
  • Available install, tests, build, image build, bot smoke tests without real user data, SBOM, and dependency/security scan commands.

Affected versions

  • Vulnerable: baileys <6.7.22, @whiskeysockets/baileys <6.7.22, baileys >=7.0.0-rc.1 <7.0.0-rc12, @whiskeysockets/baileys >=7.0.0-rc.1 <7.0.0-rc12
  • Fixed: 6.7.22+ or 7.0.0-rc12+
  • Affected surface: any live Baileys session processing incoming WhatsApp events

Indicator-of-exposure

  • The repository depends on baileys or @whiskeysockets/baileys in a vulnerable range.
  • It runs message-processing bots, relays, support tooling, or sync services backed by Baileys sessions.
  • Code trusts messages.upsert, history sync, or app state updates without secondary validation.

Quick checks:

rg -n "@whiskeysockets/baileys|from 'baileys'|messages\\.upsert|shouldSyncHistoryMessage|protocolMessage|app-state" .
npm ls baileys @whiskeysockets/baileys
pnpm why baileys @whiskeysockets/baileys

Windows:

rg -n "@whiskeysockets/baileys|from 'baileys'|messages\\.upsert|shouldSyncHistoryMessage|protocolMessage|app-state" .
npm ls baileys @whiskeysockets/baileys
pnpm why baileys @whiskeysockets/baileys

Remediation strategy

  • Upgrade all Baileys deployments to 6.7.22+ or 7.0.0-rc12+.
  • If upgrade rollout is staggered, temporarily drop messages.upsert events containing requestId and consider disabling automatic history sync with shouldSyncHistoryMessage: () => false where the business can tolerate it.
  • Review downstream logic that assumes all upsert/history sync events are trustworthy input.
  • Restart or recycle long-lived session processes after deployment so no stale runtime remains.

The prompt

Model context: this prompt was generated by GPT 5.5 Extra High reasoning.

You are remediating CVE-2026-48063 / GHSA-qvv5-jq5g-4cgg in Baileys. Malicious
`protocolMessage` payloads can spoof message events and corrupt sync state.
Produce exactly one output:

- A reviewer-ready PR/change request that upgrades Baileys, adds safe event
  handling guardrails, refreshes artifacts, and documents rollout actions, or
- TRIAGE.md if this repository does not control an affected Baileys runtime.

## Rules

- Scope only CVE-2026-48063 and directly related Baileys session handling.
- Treat message content, phone numbers, session credentials, and chat history
  as sensitive.
- Do not send forged protocol messages or interact with real user sessions to
  prove exploitability.
- Do not delete all message handling as a shortcut.
- Do not auto-merge.

## Steps

1. Inventory every Baileys dependency, worker, bot, image, and deployment owned
   by this repository.
2. Determine which package name and version each runtime resolves and whether it
   is long-lived or ephemeral.
3. Search for `messages.upsert`, history sync, app-state sync, and any logic
   that trusts those events to mutate durable state.
4. If the repository does not control an affected Baileys runtime, stop with
   `TRIAGE.md` naming the owner and required fixed versions.
5. Upgrade all controlled runtimes to `6.7.22+` or `7.0.0-rc12+` and refresh
   lockfiles, builds, images, and SBOMs.
6. Add or document temporary containment where rollout is not atomic:
   - drop `messages.upsert` events containing `requestId`;
   - disable automatic history sync if the product can tolerate it.
7. Add regression checks that validate the fixed dependency version and verify
   event handlers reject obviously untrusted sync metadata without using live
   exploit payloads.
8. Add a PR body section named `CVE-2026-48063 operator actions` covering:
   - versions before and after;
   - which runtimes and sessions were in scope;
   - whether temporary sync restrictions were enabled;
   - any need to recycle long-lived sessions;
   - validation that passed.
9. Run available validation: dependency install, tests, builds, image builds,
   bot smoke tests without real user data, and dependency/security scans.
10. Use PR title:
    `fix(sec): remediate CVE-2026-48063 in Baileys`.

## Stop conditions

- No affected Baileys runtime is controlled by this repository.
- Verification would require sending malicious protocol messages to real
  sessions.
- Product owners reject temporary sync restrictions required during rollout.
- Validation fails for unrelated pre-existing reasons; document those failures.

Verification - what the reviewer looks for

  • No controlled runtime resolves a vulnerable Baileys version.
  • Event-processing guardrails are in place during any non-atomic rollout.
  • Long-lived session services are explicitly recycled or redeployed.

Output contract

  • Reviewer-ready PR upgrading all controlled Baileys runtimes to 6.7.22+ or 7.0.0-rc12+ and refreshing lockfiles, builds, images, SBOMs, and reports.
  • Safe event-handling guardrails for non-atomic rollout without forged protocol messages or real user sessions.
  • Operator notes for affected sessions, temporary sync restrictions, session worker recycle/redeploy, and validation commands.
  • TRIAGE.md when this repository does not control the affected Baileys runtime or product owners reject required temporary containment.

Watch for

  • Updating one package name while another workspace still uses the alternate baileys or @whiskeysockets/baileys package.
  • Patch rollout without restarting existing session workers.
  • Event guards that log sensitive message or session data while trying to detect suspicious sync metadata.

References