Opensecurity Mobile Security Framework — known CVE vulnerabilities
Every CVE whose affected-product data names Opensecurity Mobile Security Framework, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (18)
CVE-2026-24490 — CVSS 8.1 (high): MobSF is a mobile application security testing tool used. Prior to version 4.4.5, a Stored Cross-site Scripting (XSS) vulnerability in…
CVE-2024-53999 — CVSS 8.1 (high): Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and…
CVE-2024-43399 — CVSS 8.0 (high): Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and…
CVE-2024-29190 — CVSS 7.5 (high): Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and…
CVE-2024-54000 — CVSS 7.5 (high): Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and…
CVE-2022-41547 — CVSS 7.5 (high): Mobile Security Framework (MobSF) v0.9.2 and below was discovered to contain a local file inclusion (LFI) vulnerability in the…
CVE-2023-42261 — CVSS 7.5 (high): Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions. NOTE: the vendor's position is that authentication…
CVE-2025-46730 — CVSS 6.8 (medium): MobSF is a mobile application security testing tool used. Typically, MobSF is deployed on centralized internal or cloud-based servers that…
CVE-2025-58162 — CVSS 6.5 (medium): MobSF is a mobile application security testing tool used. In version 4.4.0, an authenticated user who uploaded a specially prepared one.a…
CVE-2024-31215 — CVSS 6.3 (medium): Mobile Security Framework (MobSF) is a security research platform for mobile applications in Android, iOS and Windows Mobile. A SSRF…
CVE-2025-24805 — CVSS 5.5 (medium): Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and…
CVE-2025-24803 — CVSS 5.4 (medium): Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and…
CVE-2025-46335 — CVSS 5.4 (medium): Mobile Security Framework (MobSF) is a security research platform for mobile applications in Android, iOS and Windows Mobile. A Stored…
CVE-2026-33545 — CVSS 5.3 (medium): MobSF is a mobile application security testing tool used. Prior to version 4.4.6, MobSF's `read_sqlite()` function in…
CVE-2024-41955 — CVSS 5.2 (medium): Mobile Security Framework (MobSF) is a security research platform for mobile applications in Android, iOS and Windows Mobile. An open…
CVE-2025-31116 — CVSS 4.4 (medium): Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and…
CVE-2025-58161 — CVSS 4.3 (medium): MobSF is a mobile application security testing tool used. In version 4.4.0, the GET /download/ route uses string path verification via…
CVE-2025-24804 — CVSS 4.3 (medium): Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and…