21 Total advisories
21 Vulnerabilities
0 Malware
Vulnerabilities
MEDIUM 4.4
CVE-2025-31116
Mobile Security Framework (MobSF) has a SSRF Vulnerability fix bypass on assetlinks_check with DNS Rebinding
CRITICAL 9.8
CVE-2025-31116
CVE-2025-31116
HIGH 7.5
CVE-2023-42261
CVE-2023-42261
HIGH 7.5
CVE-2023-42261
Withdrawn Advisory: Mobile Security Framework (MobSF) Vulnerable to Insecure Permissions
HIGH 7.5
CVE-2024-29190
CVE-2024-29190
MEDIUM 5.3
CVE-2026-33545
MobSF has SQL Injection in its SQLite Database Viewer Utils
HIGH 8.1
CVE-2026-24490
MobSF has Stored XSS via Manifest Analysis - Dialer Code Host Field
MEDIUM 6.5
CVE-2025-58162
MobSF Vulnerable to Arbitrary File Write (AR-Slip) via Absolute Path in .a Extraction
UNKNOWN
CVE-2025-58161
MobSF Path Traversal in GET /download/<filename> using absolute filenames
MEDIUM 6.3
CVE-2024-31215
Mobile Security Framework (MobSF) vulnerable to SSRF in firebase database check
MEDIUM 6.1
CVE-2024-53999
Mobile Security Framework (MobSF) Stored Cross-Site Scripting Vulnerability in "Diff or Compare" Functionality
HIGH 7.5
CVE-2024-54000
MobSF vulnerability allows SSRF due to the allow_redirects=True parameter
UNKNOWN
CVE-2024-54000
CVE-2024-54000
MEDIUM 6.8
CVE-2025-46730
Mobile Security Framework (MobSF) Allows Web Server Resource Exhaustion via ZIP of Death Attack
UNKNOWN
CVE-2025-46335
Mobile Security Framework (MobSF) Allows Stored Cross Site Scripting (XSS) via malicious SVG Icon Upload
MEDIUM 6.5
CVE-2025-24804
MobSF Partial Denial of Service (DoS)
HIGH 8.1
CVE-2025-24803
MobSF Stored Cross-Site Scripting (XSS)
MEDIUM 6.5
CVE-2025-24805
MobSF Local Privilege Escalation
HIGH 8.0
CVE-2024-43399
Mobile Security Framework (MobSF) has a Zip Slip Vulnerability in .a Static Library Files
MEDIUM 5.2
CVE-2024-41955
MobSF vulnerable to Open Redirect in Login Redirect
HIGH 7.5
CVE-2022-41547
MobSF allows attackers to read arbitrary files via a crafted HTTP request
Ready to move
Start Securing
Free, no credit card | First findings in minutes