root@mhfh:~# ./db --stats → ios=7 android=8 critical=7
Mobile Exploit Database
A curated archive of iOS and Android vulnerabilities — CVE metadata, affected versions, proof-of-concept code and downloadable artefacts. Search, filter, and pivot into the full write-up for any entry.
root@mhfh:~#grep -r 'CVE' /var/db/exploits/
exploit-db.sh --query
$ platform:
$ severity:
| CVE | Platform | Title | Type | Sev | |
|---|---|---|---|---|---|
| CVE-2026-0073 | Android | adbd wireless debugging remote shell | RCE | Critical | cat → |
| CVE-2026-21385 | Android | Graphics component buffer over-read | InfoLeak | High | cat → |
| CVE-2026-0032 | Android | mem_protect.c out-of-bounds write | LPE | High | cat → |
| CVE-2026-20700 | iOS | Memory corruption arbitrary code execution | RCE | Critical | cat → |
| CVE-2026-20640 | iOS | iPhone Mirroring UI state disclosure | InfoLeak | High | cat → |
| CVE-2025-43529 | iOS | WebKit Use-After-Free arbitrary code | RCE | Critical | cat → |
| CVE-2025-48543 | Android | Chrome sandbox escape use-after-free | Sandbox | High | cat → |
| CVE-2024-23222 | iOS | WebKit RCE via type confusion | RCE | Critical | cat → |
| CVE-2024-44308 | iOS | JavaScriptCore UXSS chain | RCE | Critical | cat → |
| CVE-2023-41064 | iOS | BLASTPASS ImageIO 0-click | 0-click | Critical | cat → |
| CVE-2022-32893 | iOS | WebKit OOB write → kernel LPE | LPE | Critical | cat → |
| CVE-2024-32896 | Android | Pixel firmware privilege escalation | LPE | High | cat → |
| CVE-2024-43093 | Android | Framework path traversal sandbox escape | Sandbox | High | cat → |
| CVE-2023-21492 | Android | Samsung kernel pointer leak | InfoLeak | Medium | cat → |
| CVE-2023-20963 | Android | WorkSource parcel mismatch (in-the-wild) | LPE | High | cat → |
15 record(s)
root@mhfh:~#ssh client@mhfh.io
secure_channel.enc
$ Open a secure channel. PGP preferred. Pre-engagement NDA available on request.
email: info@mobilehackerforhire.com
pgp.fingerprint: 4096R/A1B2 C3D4 E5F6 7890 1234
tor: mhfh3xpl0it.onion