Skip to main content

Mobile Security Framework

17 CVEs product

Monthly

CVE-2026-24490 PyPI HIGH POC PATCH This Week

MobSF versions prior to 4.4.5 are vulnerable to stored XSS through unsanitized rendering of Android manifest attributes in HTML reports, allowing attackers to inject malicious JavaScript by uploading crafted APK files. Public exploit code exists for this vulnerability, and successful exploitation enables session hijacking and account takeover of security analysts using the framework. Upgrade to version 4.4.5 or later to remediate.

Android XSS Mobile Security Framework
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-58162 PyPI MEDIUM POC PATCH This Week

MobSF is a mobile application security testing tool used. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal Mobile Security Framework
NVD GitHub
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-58161 PyPI LOW POC PATCH Monitor

MobSF is a mobile application security testing tool used. Rated low severity (CVSS 1.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal Mobile Security Framework
NVD GitHub
CVSS 4.0
1.3
EPSS
0.1%
CVE-2025-46730 PyPI MEDIUM POC PATCH This Month

MobSF is a mobile application security testing tool used. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Mobile Security Framework
NVD GitHub
CVSS 3.1
6.8
EPSS
0.3%
CVE-2025-46335 PyPI HIGH POC PATCH This Week

Mobile Security Framework (MobSF) is a security research platform for mobile applications in Android, iOS and Windows Mobile. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Microsoft Google XSS Apple Mobile Security Framework +3
NVD GitHub
CVSS 4.0
8.6
EPSS
0.2%
CVE-2025-31116 PyPI MEDIUM POC PATCH This Month

Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. Public exploit code available.

SSRF Mobile Security Framework
NVD GitHub
CVSS 3.1
4.4
EPSS
0.3%
CVE-2025-24805 PyPI HIGH POC PATCH This Week

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Microsoft Google Privilege Escalation Apple Mobile Security Framework +2
NVD GitHub
CVSS 4.0
8.5
EPSS
0.2%
CVE-2025-24804 PyPI MEDIUM POC PATCH Monitor

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Microsoft Google Information Disclosure Apple Mobile Security Framework +2
NVD GitHub
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-24803 PyPI HIGH POC PATCH This Week

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework. Rated high severity (CVSS 8.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Microsoft Google XSS Apple Mobile Security Framework +2
NVD GitHub
CVSS 4.0
8.4
EPSS
0.5%
CVE-2024-54000 PyPI HIGH PATCH This Week

Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Mobile Security Framework
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-53999 PyPI MEDIUM POC PATCH This Month

Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Mobile Security Framework
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2024-43399 PyPI CRITICAL POC PATCH Act Now

Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Mobile Security Framework
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-41955 PyPI MEDIUM POC PATCH This Month

Mobile Security Framework (MobSF) is a security research platform for mobile applications in Android, iOS and Windows Mobile. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Apple Open Redirect Google Microsoft Mobile Security Framework
NVD GitHub
CVSS 3.1
5.4
EPSS
1.0%
CVE-2024-31215 PyPI MEDIUM PATCH This Month

Mobile Security Framework (MobSF) is a security research platform for mobile applications in Android, iOS and Windows Mobile. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Apple Google Microsoft Mobile Security Framework
NVD GitHub
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-29190 PyPI HIGH POC PATCH This Week

Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SSRF Google Mobile Security Framework
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-42261 PyPI HIGH POC PATCH This Week

Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Privilege Escalation Mobile Security Framework
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-41547 PyPI HIGH POC PATCH This Week

Mobile Security Framework (MobSF) v0.9.2 and below was discovered to contain a local file inclusion (LFI) vulnerability in the StaticAnalyzer/views.py script. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure PHP LFI Mobile Security Framework
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
EPSS 0% CVSS 8.1
HIGH POC PATCH This Week

MobSF versions prior to 4.4.5 are vulnerable to stored XSS through unsanitized rendering of Android manifest attributes in HTML reports, allowing attackers to inject malicious JavaScript by uploading crafted APK files. Public exploit code exists for this vulnerability, and successful exploitation enables session hijacking and account takeover of security analysts using the framework. Upgrade to version 4.4.5 or later to remediate.

Android XSS Mobile Security Framework
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Week

MobSF is a mobile application security testing tool used. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal Mobile Security Framework
NVD GitHub
EPSS 0% CVSS 1.3
LOW POC PATCH Monitor

MobSF is a mobile application security testing tool used. Rated low severity (CVSS 1.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal Mobile Security Framework
NVD GitHub
EPSS 0% CVSS 6.8
MEDIUM POC PATCH This Month

MobSF is a mobile application security testing tool used. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Mobile Security Framework
NVD GitHub
EPSS 0% CVSS 8.6
HIGH POC PATCH This Week

Mobile Security Framework (MobSF) is a security research platform for mobile applications in Android, iOS and Windows Mobile. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Microsoft Google XSS +5
NVD GitHub
EPSS 0% CVSS 4.4
MEDIUM POC PATCH This Month

Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. Public exploit code available.

SSRF Mobile Security Framework
NVD GitHub
EPSS 0% CVSS 8.5
HIGH POC PATCH This Week

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Microsoft Google Privilege Escalation +4
NVD GitHub
EPSS 0% CVSS 4.8
MEDIUM POC PATCH Monitor

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Microsoft Google Information Disclosure +4
NVD GitHub
EPSS 1% CVSS 8.4
HIGH POC PATCH This Week

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework. Rated high severity (CVSS 8.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Microsoft Google XSS +4
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Mobile Security Framework
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Mobile Security Framework
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Mobile Security Framework
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Mobile Security Framework (MobSF) is a security research platform for mobile applications in Android, iOS and Windows Mobile. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Apple Open Redirect Google +2
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Mobile Security Framework (MobSF) is a security research platform for mobile applications in Android, iOS and Windows Mobile. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Apple Google +2
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SSRF Google Mobile Security Framework
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Privilege Escalation Mobile Security Framework
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Mobile Security Framework (MobSF) v0.9.2 and below was discovered to contain a local file inclusion (LFI) vulnerability in the StaticAnalyzer/views.py script. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure PHP LFI +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy