Critical MobSF 0-Day Exposes Systems to Stored XSS & ZIP of Death Attacks

May 6, 2025

Critical MobSF 0-Day Exposes Systems to Stored XSS & ZIP of Death Attacks

The Mobile Security Framework (MobSF), a widely utilized tool, contains two critical zero-day vulnerabilities.
These vulnerabilities, designated as CVE-2025-46335 and CVE-2025-46730, impact all versio …

Published Date:
May 06, 2025 (2 hours, 46 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-46730

CVE-2025-46335

Source: Read More

Previous ArticleCritical Langflow RCE flaw exploited to hack AI app servers

Next Article CISA Warns 2 SonicWall Vulnerabilities Under Active Exploitation

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

CSS Cascade Layers Vs. BEM Vs. Utility Classes: Specificity Control

IBM launches new integration to help unify AI security and governance

One of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

It feels like Blizzard has abandoned Diablo 2: Resurrected — but there’s one way to keep it alive for years to come

Steam’s performance tracking tool is becoming more like the Steam Deck’s — you can try it out right now

Borderlands 4 is killing off a tired “FOMO” trend — I hope other developers follow suit

Dr. Axel’s JavaScript flashcards

Dr. Axel’s JavaScript flashcards

Syntax-Highlight – Custom Element For Syntax Highlighting Content

WelsonJS – Build a Windows app on the Windows built-in JavaScript engine

One of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

One of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

It feels like Blizzard has abandoned Diablo 2: Resurrected — but there’s one way to keep it alive for years to come

Steam’s performance tracking tool is becoming more like the Steam Deck’s — you can try it out right now

Critical MobSF 0-Day Exposes Systems to Stored XSS & ZIP of Death Attacks

Critical MobSF 0-Day Exposes Systems to Stored XSS & ZIP of Death Attacks

CVE-2025-49763: Apache Traffic Server Vulnerability Enables Memory Exhaustion Attacks

Critical Mattermost Flaw (CVE-2025-4981, CVSS 9.9) Allows RCE Via Path Traversal

CVE-2025-4187 – UserPro – Community and User Profile WordPress Plugin Directory Traversal Vulnerability

CVE-2025-37793 – Intel ASoC avs Null Pointer Dereference Vulnerability

CVE-2025-5482 – Sunshine Photo Cart WordPress Privilege Escalation Vulnerability

CVE-2025-46345 – Auth0 Account Link Extension JWT Signature Verification Bypass

5 AI-Powered Tools to Automate Your Browser Tasks

Using Amazon OpenSearch ML connector APIs

CVE-2025-45526 – Microlight Denial of Service Vulnerability

France’s OVHcloud May Replace Microsoft Azure In Major EU Cloud Shake-Up

Critical MobSF 0-Day Exposes Systems to Stored XSS & ZIP of Death Attacks

Critical MobSF 0-Day Exposes Systems to Stored XSS & ZIP of Death Attacks

Related Posts