CVE-2025-58161 | MobSF Mobile-Security-Framework-MobSF 4.4.0 Download File /download/ os.path.commonprefix path traversal (GHSA-ccc3-fvfx-mw3v)

A vulnerability was found in MobSF Mobile-Security-Framework-MobSF 4.4.0 and classified as critical. This impacts the function os.path.commonprefix of the file /download/ of the component Download File Handler. Executing manipulation can lead to path traversal.

The identification of this vulnerability is CVE-2025-58161. The attack may be launched remotely. There is no exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More