Mobile

This hub aggregates every CVE we track for Mobile, a product in the security products space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 7 most recently published vulnerabilities affecting Mobile.

• CVE-2025-26563WordPress Rocket Mobile Plugin <= 0.4.2 - Cross Site Scripting (XSS) vulnerability7.1Mar 3, 2025
• CVE-2024-42027The E2EE password entropy generated by Rocket.Chat Mobile prior to version 4.5.1 is insufficient, allowing attackers to crack it if they have the appropriate time and resources.6.7Oct 7, 2024
• CVE-2022-3980An XML External Entity (XEE) vulnerability allows server-side request forgery (SSRF) and potential code execution in Sophos Mobile managed on-premises between versions 5.0.0 and 9.7.4.9.8Nov 16, 2022
• CVE-2020-9363The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for ...7.8Feb 24, 2020
• CVE-2015-9376iThemes Mobile before 1.2.8 for WordPress has XSS via add_query_arg() and remove_query_arg().6.1Aug 28, 2019
• CVE-2014-8346The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service...7.8Oct 24, 2014
• CVE-2009-3430SQL injection vulnerability in login.php in Allomani Mobile 2.5 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action.7.5Sep 25, 2009