Open Web Application Security Project (OWASP) is one of the standards when it comes to security and finding vulnerabilities. It also releases a top 10 list that includes the most common and important vulnerabilities in various platforms.
The OWASP top 10 guide for mobile could be found at https://www.owasp.org/index.php/Projects/OWASP_Mobile_Security_Project_-_Top_Ten_Mobile_Risks. If we have a look at the OWASP mobile project, here are the 10 security issues it covers for mobile applications:
Weak Server Side Controls
Insecure Data Storage
Insufficient Transport Layer Protection
Unintended Data Leakage
Poor Authorization and Authentication
Broken Cryptography
Client Side Injection
Security Decisions Via Untrusted Inputs
Improper Session Handling
Lack of Binary Protections
Let's go into each of them one by one and have a quick understanding of what they relate to in mobile applications and how we could detect them: