CWE-926
AllowedImproper Export of Android Application Components
Abstraction: Variant · Status: Incomplete
The Android application exports a component for use by other applications, but does not properly restrict which applications can launch the component or access the data it contains.
147 vulnerabilities reference this CWE, most recent first.
CVE-2025-10717 (GCVE-0-2025-10717)
Vulnerability from cvelistv5 – Published: 2025-09-19 14:32 – Updated: 2025-09-19 16:52- CWE-926 - Improper Export of Android Application Components
| URL | Tags |
|---|---|
| https://vuldb.com/?id.325008 | vdb-entry |
| https://vuldb.com/?ctiid.325008 | signaturepermissions-required |
| https://vuldb.com/?submit.645010 | third-party-advisory |
| https://github.com/KMov-g/androidapps/blob/main/c… | related |
| https://github.com/KMov-g/androidapps/blob/main/c… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| intsig | CamScanner App |
Affected:
6.91.1.5.250711
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10717",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-19T16:52:07.941304Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-19T16:52:27.527Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.intsig.camscanner.md"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"com.intsig.camscanner"
],
"product": "CamScanner App",
"vendor": "intsig",
"versions": [
{
"status": "affected",
"version": "6.91.1.5.250711"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "fxizenta (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in intsig CamScanner App 6.91.1.5.250711 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.intsig.camscanner. The manipulation leads to improper export of android application components. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in intsig CamScanner App 6.91.1.5.250711 auf Android gefunden. Es betrifft eine unbekannte Funktion der Datei AndroidManifest.xml der Komponente com.intsig.camscanner. Die Ver\u00e4nderung resultiert in improper export of android application components. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit ist \u00f6ffentlich verf\u00fcgbar und k\u00f6nnte genutzt werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-19T14:32:08.701Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-325008 | intsig CamScanner App com.intsig.camscanner AndroidManifest.xml improper export of android application components",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.325008"
},
{
"name": "VDB-325008 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.325008"
},
{
"name": "Submit #645010 | INTSIG PTE CamScanner 6.91.1.5.2507110000 Task Hijacking",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.645010"
},
{
"tags": [
"related"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.intsig.camscanner.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.intsig.camscanner.md#steps-to-reproduce"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-19T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-09-19T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-09-19T11:39:32.000Z",
"value": "VulDB entry last update"
}
],
"title": "intsig CamScanner App com.intsig.camscanner AndroidManifest.xml improper export of android application components"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-10717",
"datePublished": "2025-09-19T14:32:08.701Z",
"dateReserved": "2025-09-19T09:34:28.623Z",
"dateUpdated": "2025-09-19T16:52:27.527Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10716 (GCVE-0-2025-10716)
Vulnerability from cvelistv5 – Published: 2025-09-19 14:32 – Updated: 2025-09-19 16:53- CWE-926 - Improper Export of Android Application Components
| URL | Tags |
|---|---|
| https://vuldb.com/?id.325007 | vdb-entry |
| https://vuldb.com/?ctiid.325007 | signaturepermissions-required |
| https://vuldb.com/?submit.645009 | third-party-advisory |
| https://github.com/KMov-g/androidapps/blob/main/c… | exploit |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10716",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-19T16:52:54.663268Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-19T16:53:10.546Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.cxsw.sdprinter.md"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"com.cxsw.sdprinter"
],
"product": "Cloud App",
"vendor": "Creality",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "fxizenta (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in Creality Cloud App up to 6.1.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.cxsw.sdprinter. Executing manipulation can lead to improper export of android application components. It is possible to launch the attack on the local host. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "In Creality Cloud App bis 6.1.0 auf Android ist eine Schwachstelle entdeckt worden. Betroffen davon ist eine unbekannte Funktion der Datei AndroidManifest.xml der Komponente com.cxsw.sdprinter. Die Manipulation f\u00fchrt zu improper export of android application components. Der Angriff muss lokal passieren. Die Schwachstelle wurde \u00f6ffentlich offengelegt und k\u00f6nnte ausgenutzt werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-19T14:32:06.250Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-325007 | Creality Cloud App com.cxsw.sdprinter AndroidManifest.xml improper export of android application components",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.325007"
},
{
"name": "VDB-325007 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.325007"
},
{
"name": "Submit #645009 | Creality Cloud 6.1.0 Task Hijacking",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.645009"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.cxsw.sdprinter.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-19T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-09-19T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-09-19T10:34:40.000Z",
"value": "VulDB entry last update"
}
],
"title": "Creality Cloud App com.cxsw.sdprinter AndroidManifest.xml improper export of android application components"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-10716",
"datePublished": "2025-09-19T14:32:06.250Z",
"dateReserved": "2025-09-19T08:29:22.669Z",
"dateUpdated": "2025-09-19T16:53:10.546Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10715 (GCVE-0-2025-10715)
Vulnerability from cvelistv5 – Published: 2025-09-19 13:32 – Updated: 2025-09-19 13:50- CWE-926 - Improper Export of Android Application Components
| URL | Tags |
|---|---|
| https://vuldb.com/?id.325003 | vdb-entry |
| https://vuldb.com/?ctiid.325003 | signaturepermissions-required |
| https://vuldb.com/?submit.645006 | third-party-advisory |
| https://github.com/KMov-g/androidapps/blob/main/c… | related |
| https://github.com/KMov-g/androidapps/blob/main/c… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| APEUni | PTE Exam Practice App |
Affected:
10.0
Affected: 10.1 Affected: 10.2 Affected: 10.3 Affected: 10.4 Affected: 10.5 Affected: 10.6 Affected: 10.7 Affected: 10.8.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10715",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-19T13:50:33.393488Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-19T13:50:48.371Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"com.ape_edication"
],
"product": "PTE Exam Practice App",
"vendor": "APEUni",
"versions": [
{
"status": "affected",
"version": "10.0"
},
{
"status": "affected",
"version": "10.1"
},
{
"status": "affected",
"version": "10.2"
},
{
"status": "affected",
"version": "10.3"
},
{
"status": "affected",
"version": "10.4"
},
{
"status": "affected",
"version": "10.5"
},
{
"status": "affected",
"version": "10.6"
},
{
"status": "affected",
"version": "10.7"
},
{
"status": "affected",
"version": "10.8.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "fxizenta (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in APEUni PTE Exam Practice App up to 10.8.0 on Android. The impacted element is an unknown function of the file AndroidManifest.xml of the component com.ape_edication. The manipulation results in improper export of android application components. The attack requires a local approach. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "In APEUni PTE Exam Practice App bis 10.8.0 auf Android ist eine Schwachstelle entdeckt worden. Dabei geht es um eine nicht genauer bekannte Funktion der Datei AndroidManifest.xml der Komponente com.ape_edication. Durch das Manipulieren mit unbekannten Daten kann eine improper export of android application components-Schwachstelle ausgenutzt werden. Der Angriff muss auf lokaler Ebene erfolgen. Der Exploit ist \u00f6ffentlich verf\u00fcgbar und k\u00f6nnte genutzt werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-19T13:32:08.187Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-325003 | APEUni PTE Exam Practice App com.ape_edication AndroidManifest.xml improper export of android application components",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.325003"
},
{
"name": "VDB-325003 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.325003"
},
{
"name": "Submit #645006 | APEUni Edu APEUni 10.8.0 Task Hijacking",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.645006"
},
{
"tags": [
"related"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.ape_edication.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.ape_edication.md#steps-to-reproduce"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-19T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-09-19T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-09-19T10:33:59.000Z",
"value": "VulDB entry last update"
}
],
"title": "APEUni PTE Exam Practice App com.ape_edication AndroidManifest.xml improper export of android application components"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-10715",
"datePublished": "2025-09-19T13:32:08.187Z",
"dateReserved": "2025-09-19T08:26:26.705Z",
"dateUpdated": "2025-09-19T13:50:48.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10195 (GCVE-0-2025-10195)
Vulnerability from cvelistv5 – Published: 2025-09-10 00:02 – Updated: 2025-09-10 13:05- CWE-926 - Improper Export of Android Application Components
| URL | Tags |
|---|---|
| https://vuldb.com/?id.323235 | vdb-entry |
| https://vuldb.com/?ctiid.323235 | signaturepermissions-required |
| https://vuldb.com/?submit.639041 | third-party-advisory |
| https://github.com/KMov-g/androidapps/blob/main/c… | related |
| https://github.com/KMov-g/androidapps/blob/main/c… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Seismic App |
Affected:
2.4.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10195",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-10T13:05:53.151583Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-10T13:05:57.042Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.seismic.doccenter.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.seismic.doccenter.md#steps-to-reproduce"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"com.seismic.doccenter"
],
"product": "Seismic App",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2.4.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "fxizenta (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Seismic App 2.4.2 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.seismic.doccenter. Such manipulation leads to improper export of android application components. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "In Seismic App 2.4.2 auf Android ist eine Schwachstelle entdeckt worden. Betroffen hiervon ist ein unbekannter Ablauf der Datei AndroidManifest.xml der Komponente com.seismic.doccenter. Durch die Manipulation mit unbekannten Daten kann eine improper export of android application components-Schwachstelle ausgenutzt werden. Der Angriff muss lokal durchgef\u00fchrt werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-10T00:02:05.924Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-323235 | Seismic App com.seismic.doccenter AndroidManifest.xml improper export of android application components",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.323235"
},
{
"name": "VDB-323235 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.323235"
},
{
"name": "Submit #639041 | Seismic Software seismic(com.seismic.doccenter) 2.4.2 Task Hijacking",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.639041"
},
{
"tags": [
"related"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.seismic.doccenter.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.seismic.doccenter.md#steps-to-reproduce"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-09-09T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-09-09T18:12:55.000Z",
"value": "VulDB entry last update"
}
],
"title": "Seismic App com.seismic.doccenter AndroidManifest.xml improper export of android application components"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-10195",
"datePublished": "2025-09-10T00:02:05.924Z",
"dateReserved": "2025-09-09T16:07:41.525Z",
"dateUpdated": "2025-09-10T13:05:57.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9695 (GCVE-0-2025-9695)
Vulnerability from cvelistv5 – Published: 2025-08-30 15:32 – Updated: 2025-09-02 15:17- CWE-926 - Improper Export of Android Application Components
| URL | Tags |
|---|---|
| https://vuldb.com/?id.321906 | vdb-entry |
| https://vuldb.com/?ctiid.321906 | signaturepermissions-required |
| https://vuldb.com/?submit.639039 | third-party-advisory |
| https://github.com/KMov-g/androidapps/blob/main/c… | related |
| https://github.com/KMov-g/androidapps/blob/main/c… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| GalleryVault | Gallery Vault App |
Affected:
4.5.0
Affected: 4.5.1 Affected: 4.5.2 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9695",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-02T14:47:36.035889Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T15:17:25.863Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.thinkyeah.galleryvault.md#steps-to-reproduce"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.thinkyeah.galleryvault.md"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"com.thinkyeah.galleryvault"
],
"product": "Gallery Vault App",
"vendor": "GalleryVault",
"versions": [
{
"status": "affected",
"version": "4.5.0"
},
{
"status": "affected",
"version": "4.5.1"
},
{
"status": "affected",
"version": "4.5.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "fxizenta (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was identified in GalleryVault Gallery Vault App up to 4.5.2 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.thinkyeah.galleryvault. The manipulation leads to improper export of android application components. The attack can only be performed from a local environment. The exploit is publicly available and might be used."
},
{
"lang": "de",
"value": "In GalleryVault Gallery Vault App bis 4.5.2 auf Android wurde eine Schwachstelle gefunden. Es geht dabei um eine nicht klar definierte Funktion der Datei AndroidManifest.xml der Komponente com.thinkyeah.galleryvault. Durch Manipulation mit unbekannten Daten kann eine improper export of android application components-Schwachstelle ausgenutzt werden. Der Angriff muss lokal erfolgen. Der Exploit wurde der \u00d6ffentlichkeit bekannt gemacht und k\u00f6nnte verwendet werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-30T15:32:06.939Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-321906 | GalleryVault Gallery Vault App com.thinkyeah.galleryvault AndroidManifest.xml improper export of android application components",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.321906"
},
{
"name": "VDB-321906 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.321906"
},
{
"name": "Submit #639039 | GalleryVault Developer Team GalleryVau(com.thinkyeah.galleryvault) 4.5.2 Task Hijacking",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.639039"
},
{
"tags": [
"related"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.thinkyeah.galleryvault.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.thinkyeah.galleryvault.md#steps-to-reproduce"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-08-29T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-08-29T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-08-29T13:34:25.000Z",
"value": "VulDB entry last update"
}
],
"title": "GalleryVault Gallery Vault App com.thinkyeah.galleryvault AndroidManifest.xml improper export of android application components"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-9695",
"datePublished": "2025-08-30T15:32:06.939Z",
"dateReserved": "2025-08-29T11:27:56.710Z",
"dateUpdated": "2025-09-02T15:17:25.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9677 (GCVE-0-2025-9677)
Vulnerability from cvelistv5 – Published: 2025-08-29 21:02 – Updated: 2025-09-02 15:20- CWE-926 - Improper Export of Android Application Components
| URL | Tags |
|---|---|
| https://vuldb.com/?id.321889 | vdb-entry |
| https://vuldb.com/?ctiid.321889 | signaturepermissions-required |
| https://vuldb.com/?submit.638078 | third-party-advisory |
| https://github.com/KMov-g/androidapps/blob/main/c… | related |
| https://github.com/KMov-g/androidapps/blob/main/c… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| Modo | Legend of the Phoenix |
Affected:
1.0.0
Affected: 1.0.1 Affected: 1.0.2 Affected: 1.0.3 Affected: 1.0.4 Affected: 1.0.5 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9677",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-02T14:54:51.219201Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T15:20:21.483Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.duige.hzw.multilingual.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.duige.hzw.multilingual.md#steps-to-reproduce"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"com.duige.hzw.multilingual"
],
"product": "Legend of the Phoenix",
"vendor": "Modo",
"versions": [
{
"status": "affected",
"version": "1.0.0"
},
{
"status": "affected",
"version": "1.0.1"
},
{
"status": "affected",
"version": "1.0.2"
},
{
"status": "affected",
"version": "1.0.3"
},
{
"status": "affected",
"version": "1.0.4"
},
{
"status": "affected",
"version": "1.0.5"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "fxizenta (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in Modo Legend of the Phoenix up to 1.0.5. The affected element is an unknown function of the file AndroidManifest.xml of the component com.duige.hzw.multilingual. The manipulation results in improper export of android application components. The attack needs to be approached locally. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in Modo Legend of the Phoenix bis 1.0.5 entdeckt. Dabei geht es um eine nicht genauer bekannte Funktion der Datei AndroidManifest.xml der Komponente com.duige.hzw.multilingual. Dank Manipulation mit unbekannten Daten kann eine improper export of android application components-Schwachstelle ausgenutzt werden. Umgesetzt werden muss der Angriff lokal. Die Ausnutzung wurde ver\u00f6ffentlicht und kann verwendet werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T21:02:07.682Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-321889 | Modo Legend of the Phoenix com.duige.hzw.multilingual AndroidManifest.xml improper export of android application components",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.321889"
},
{
"name": "VDB-321889 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.321889"
},
{
"name": "Submit #638078 | Modo Global Legend of the Phoenix (com.duige.hzw.multilingual) 1.0.5 Task Hijacking",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.638078"
},
{
"tags": [
"related"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.duige.hzw.multilingual.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.duige.hzw.multilingual.md#steps-to-reproduce"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-08-29T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-08-29T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-08-29T12:34:09.000Z",
"value": "VulDB entry last update"
}
],
"title": "Modo Legend of the Phoenix com.duige.hzw.multilingual AndroidManifest.xml improper export of android application components"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-9677",
"datePublished": "2025-08-29T21:02:07.682Z",
"dateReserved": "2025-08-29T10:28:58.703Z",
"dateUpdated": "2025-09-02T15:20:21.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9676 (GCVE-0-2025-9676)
Vulnerability from cvelistv5 – Published: 2025-08-29 21:02 – Updated: 2025-09-03 15:54- CWE-926 - Improper Export of Android Application Components
| URL | Tags |
|---|---|
| https://vuldb.com/?id.321888 | vdb-entry |
| https://vuldb.com/?ctiid.321888 | signaturepermissions-required |
| https://vuldb.com/?submit.638074 | third-party-advisory |
| https://github.com/KMov-g/androidapps/blob/main/c… | related |
| https://github.com/KMov-g/androidapps/blob/main/c… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| NCSOFT | Universe App |
Affected:
1.0
Affected: 1.1 Affected: 1.2 Affected: 1.3.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9676",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-02T14:55:34.044345Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T15:54:23.394Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.ncsoft.universeapp.md#steps-to-reproduce"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.ncsoft.universeapp.md"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"com.ncsoft.universeapp"
],
"product": "Universe App",
"vendor": "NCSOFT",
"versions": [
{
"status": "affected",
"version": "1.0"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "1.2"
},
{
"status": "affected",
"version": "1.3.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "fxizenta (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was identified in NCSOFT Universe App up to 1.3.0. Impacted is an unknown function of the file AndroidManifest.xml of the component com.ncsoft.universeapp. The manipulation leads to improper export of android application components. Local access is required to approach this attack. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in NCSOFT Universe App bis 1.3.0 gefunden. Es geht dabei um eine nicht klar definierte Funktion der Datei AndroidManifest.xml der Komponente com.ncsoft.universeapp. Dank der Manipulation mit unbekannten Daten kann eine improper export of android application components-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit ist \u00f6ffentlich verf\u00fcgbar und k\u00f6nnte genutzt werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T21:02:05.597Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-321888 | NCSOFT Universe App com.ncsoft.universeapp AndroidManifest.xml improper export of android application components",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.321888"
},
{
"name": "VDB-321888 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.321888"
},
{
"name": "Submit #638074 | NCSOFT UNIVERSE(com.ncsoft.universeapp) 1.3.0 Task Hijacking",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.638074"
},
{
"tags": [
"related"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.ncsoft.universeapp.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.ncsoft.universeapp.md#steps-to-reproduce"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-08-29T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-08-29T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-08-29T12:32:43.000Z",
"value": "VulDB entry last update"
}
],
"title": "NCSOFT Universe App com.ncsoft.universeapp AndroidManifest.xml improper export of android application components"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-9676",
"datePublished": "2025-08-29T21:02:05.597Z",
"dateReserved": "2025-08-29T10:27:39.191Z",
"dateUpdated": "2025-09-03T15:54:23.394Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9675 (GCVE-0-2025-9675)
Vulnerability from cvelistv5 – Published: 2025-08-29 20:32 – Updated: 2025-09-03 15:54- CWE-926 - Improper Export of Android Application Components
| URL | Tags |
|---|---|
| https://vuldb.com/?id.321887 | vdb-entry |
| https://vuldb.com/?ctiid.321887 | signaturepermissions-required |
| https://vuldb.com/?submit.638073 | third-party-advisory |
| https://github.com/KMov-g/androidapps/blob/main/c… | related |
| https://github.com/KMov-g/androidapps/blob/main/c… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Voice Changer App |
Affected:
1.0
Affected: 1.1.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9675",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-02T14:56:19.504203Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T15:54:38.911Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.tuyangkeji.changevoice.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.tuyangkeji.changevoice.md#steps-to-reproduce"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"com.tuyangkeji.changevoice"
],
"product": "Voice Changer App",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.0"
},
{
"status": "affected",
"version": "1.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "fxizenta (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in Voice Changer App up to 1.1.0. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.tuyangkeji.changevoice. Executing manipulation can lead to improper export of android application components. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized."
},
{
"lang": "de",
"value": "In Voice Changer App bis 1.1.0 ist eine Schwachstelle entdeckt worden. Es geht hierbei um eine nicht n\u00e4her spezifizierte Funktion der Datei AndroidManifest.xml der Komponente com.tuyangkeji.changevoice. Die Bearbeitung verursacht improper export of android application components. Der Angriff muss lokal passieren. Die Schwachstelle wurde \u00f6ffentlich offengelegt und k\u00f6nnte ausgenutzt werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T20:32:09.227Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-321887 | Voice Changer App com.tuyangkeji.changevoice AndroidManifest.xml improper export of android application components",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.321887"
},
{
"name": "VDB-321887 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.321887"
},
{
"name": "Submit #638073 | Voice Changer \u0026 Voice Recorder \u0026 Sound Effects Voice Changer - Sound Effects(com.tuyangkeji.changevoice) 1.1.0 Task Hijacking",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.638073"
},
{
"tags": [
"related"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.tuyangkeji.changevoice.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.tuyangkeji.changevoice.md#steps-to-reproduce"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-08-29T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-08-29T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-08-29T12:30:36.000Z",
"value": "VulDB entry last update"
}
],
"title": "Voice Changer App com.tuyangkeji.changevoice AndroidManifest.xml improper export of android application components"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-9675",
"datePublished": "2025-08-29T20:32:09.227Z",
"dateReserved": "2025-08-29T10:25:30.375Z",
"dateUpdated": "2025-09-03T15:54:38.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9674 (GCVE-0-2025-9674)
Vulnerability from cvelistv5 – Published: 2025-08-29 20:32 – Updated: 2025-09-03 15:54- CWE-926 - Improper Export of Android Application Components
| URL | Tags |
|---|---|
| https://vuldb.com/?id.321884 | vdb-entry |
| https://vuldb.com/?ctiid.321884 | signaturepermissions-required |
| https://vuldb.com/?submit.638068 | third-party-advisory |
| https://github.com/KMov-g/androidapps/blob/main/c… | related |
| https://github.com/KMov-g/androidapps/blob/main/c… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| Transbyte | Scooper News App |
Affected:
1.0
Affected: 1.1 Affected: 1.2 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9674",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-02T14:56:50.321127Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T15:54:53.603Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.hatsune.eagleee.md#steps-to-reproduce"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.hatsune.eagleee.md"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"com.hatsune.eagleee"
],
"product": "Scooper News App",
"vendor": "Transbyte",
"versions": [
{
"status": "affected",
"version": "1.0"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "1.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "fxizenta (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in Transbyte Scooper News App up to 1.2 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.hatsune.eagleee. This manipulation causes improper export of android application components. The attack requires local access. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in Transbyte Scooper News App bis 1.2 auf Android gefunden. Betroffen davon ist ein unbekannter Prozess der Datei AndroidManifest.xml der Komponente com.hatsune.eagleee. Durch Beeinflussen mit unbekannten Daten kann eine improper export of android application components-Schwachstelle ausgenutzt werden. Der Angriff muss lokal angegangen werden. Die Ausnutzung wurde ver\u00f6ffentlicht und kann verwendet werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T20:32:07.088Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-321884 | Transbyte Scooper News App com.hatsune.eagleee AndroidManifest.xml improper export of android application components",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.321884"
},
{
"name": "VDB-321884 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.321884"
},
{
"name": "Submit #638068 | Transbyte App Scooper News: Local To Globa(com.hatsune.eagleee) 1.2 Task Hijacking",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.638068"
},
{
"tags": [
"related"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.hatsune.eagleee.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.hatsune.eagleee.md#steps-to-reproduce"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-08-29T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-08-29T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-08-29T12:21:21.000Z",
"value": "VulDB entry last update"
}
],
"title": "Transbyte Scooper News App com.hatsune.eagleee AndroidManifest.xml improper export of android application components"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-9674",
"datePublished": "2025-08-29T20:32:07.088Z",
"dateReserved": "2025-08-29T10:16:04.238Z",
"dateUpdated": "2025-09-03T15:54:53.603Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9673 (GCVE-0-2025-9673)
Vulnerability from cvelistv5 – Published: 2025-08-29 20:02 – Updated: 2025-08-29 20:18- CWE-926 - Improper Export of Android Application Components
| URL | Tags |
|---|---|
| https://vuldb.com/?id.321883 | vdb-entry |
| https://vuldb.com/?ctiid.321883 | signaturepermissions-required |
| https://vuldb.com/?submit.637925 | third-party-advisory |
| https://github.com/KMov-g/androidapps/blob/main/c… | related |
| https://github.com/KMov-g/androidapps/blob/main/c… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| Kakao | 헤이카카오 Hey Kakao App |
Affected:
2.17.0
Affected: 2.17.1 Affected: 2.17.2 Affected: 2.17.3 Affected: 2.17.4 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9673",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-29T20:17:49.783223Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T20:18:10.056Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"com.kakao.i.connect"
],
"product": "\ud5e4\uc774\uce74\uce74\uc624 Hey Kakao App",
"vendor": "Kakao",
"versions": [
{
"status": "affected",
"version": "2.17.0"
},
{
"status": "affected",
"version": "2.17.1"
},
{
"status": "affected",
"version": "2.17.2"
},
{
"status": "affected",
"version": "2.17.3"
},
{
"status": "affected",
"version": "2.17.4"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "fxizenta (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in Kakao \ud5e4\uc774\uce74\uce74\uc624 Hey Kakao App up to 2.17.4 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.kakao.i.connect. The manipulation results in improper export of android application components. The attack requires a local approach. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "In Kakao \ud5e4\uc774\uce74\uce74\uc624 Hey Kakao App bis 2.17.4 auf Android ist eine Schwachstelle entdeckt worden. Betroffen ist eine unbekannte Verarbeitung der Datei AndroidManifest.xml der Komponente com.kakao.i.connect. Durch das Beeinflussen mit unbekannten Daten kann eine improper export of android application components-Schwachstelle ausgenutzt werden. Der Angriff muss auf lokaler Ebene erfolgen. Der Exploit ist \u00f6ffentlich verf\u00fcgbar und k\u00f6nnte genutzt werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T20:02:08.396Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-321883 | Kakao \ud5e4\uc774\uce74\uce74\uc624 Hey Kakao App com.kakao.i.connect AndroidManifest.xml improper export of android application components",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.321883"
},
{
"name": "VDB-321883 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.321883"
},
{
"name": "Submit #637925 | Kakao Corp. Hey Kakao(com.kakao.i.connect) 2.17.4 Task Hijacking",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.637925"
},
{
"tags": [
"related"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.kakao.i.connect.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.kakao.i.connect.md#steps-to-reproduce"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-08-29T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-08-29T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-08-29T12:19:42.000Z",
"value": "VulDB entry last update"
}
],
"title": "Kakao \ud5e4\uc774\uce74\uce74\uc624 Hey Kakao App com.kakao.i.connect AndroidManifest.xml improper export of android application components"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-9673",
"datePublished": "2025-08-29T20:02:08.396Z",
"dateReserved": "2025-08-29T10:14:10.723Z",
"dateUpdated": "2025-08-29T20:18:10.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Strategy: Attack Surface Reduction
If they do not need to be shared by other applications, explicitly mark components with android:exported="false" in the application manifest.
Mitigation
Strategy: Attack Surface Reduction
If you only intend to use exported components between related apps under your control, use android:protectionLevel="signature" in the xml manifest to restrict access to applications signed by you.
Mitigation
Strategy: Attack Surface Reduction
Limit Content Provider permissions (read/write) as appropriate.
Mitigation
Strategy: Separation of Privilege
Limit Content Provider permissions (read/write) as appropriate.
No CAPEC attack patterns related to this CWE.