Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Mobile-Security-Framework-MobSF — Vulnerabilities & Security Advisories 16

All 16 CVE vulnerabilities found in Mobile-Security-Framework-MobSF, with AI-generated Chinese analysis, references, and POCs.

Vendor: MobSF

CVE IDTitleCVSSSeverityPublished
CVE-2026-33545 MobSF has SQL Injection in its SQLite Database Viewer Utils CWE-89 5.3 Medium2026-03-26
CVE-2026-24490 MobSF has Stored XSS via Manifest Analysis - Dialer Code Host Field CWE-79 8.1 High2026-01-27
CVE-2025-58162 MobSF Vulnerable to Arbitrary File Write (AR-Slip) via Absolute Path in .a Extraction CWE-22 6.5 Medium2025-09-02
CVE-2025-58161 MobSF Path Traversal in GET /download/<filename> using absolute filenames CWE-22 6.5AIMediumAI2025-09-02
CVE-2025-46730 Mobile Security Framework (MobSF) Allows Web Server Resource Exhaustion via ZIP of Death Attack CWE-409 6.8 Medium2025-05-05
CVE-2025-46335 Mobile Security Framework (MobSF) Allows Stored Cross Site Scripting (XSS) via malicious SVG Icon Upload CWE-79 5.4AIMediumAI2025-05-05
CVE-2025-31116 Mobile Security Framework (MobSF) has a SSRF Vulnerability fix bypass on assetlinks_check with DNS Rebinding CWE-918 4.4 Medium2025-03-31
CVE-2025-24803 Stored Cross-Site Scripting (XSS) in MobSF CWE-79 6.5 -2025-02-05
CVE-2025-24804 Partial Denial of Service (DoS) in MobSF CWE-1287 6.5 -2025-02-05
CVE-2025-24805 Local Privilege Escalation in MobSF CWE-269 6.1 -2025-02-05
CVE-2024-53999 Mobile Security Framework (MobSF) Stored Cross-Site Scripting Vulnerability in "Diff or Compare" Functionality CWE-79 8.1 High2024-12-03
CVE-2024-54000 Mobile Security Framework (MobSF) bypass of SSRF fix CWE-918 7.5 High2024-12-03
CVE-2024-43399 Mobile Security Framework (MobSF) has a Zip Slip Vulnerability in .a Static Library Files CWE-23 8.0 High2024-08-19
CVE-2024-41955 Mobile Security Framework (MobSF) has an Open Redirect in Login Redirect CWE-601 5.2 Medium2024-07-31
CVE-2024-31215 Mobile Security Framework (MobSF) vulnerable to Server-Side Request Forgery (SSRF) in firebase database check CWE-918 6.3 Medium2024-04-04
CVE-2024-29190 MobSF SSRF Vulnerability on assetlinks_check(act_name, well_knowns) CWE-918 7.5 High2024-03-22

All 16 known CVE vulnerabilities affecting Mobile-Security-Framework-MobSF with full Chinese analysis, references, and POCs where available.