← volver
CVE-2025-9695

GalleryVault Gallery Vault App com.thinkyeah.galleryvault AndroidManifest.xml improper export of android application components

CVSS 4.8 MEDIUMEPSS 0.2%CWE-926
A vulnerability was identified in GalleryVault Gallery Vault App up to 4.5.2 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.thinkyeah.galleryvault. The manipulation leads to improper export of android application components. The attack can only be performed from a local environment. The exploit is publicly available and might be used.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Productos afectados
GalleryVault · Gallery Vault App

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/KMov-g/androidapps/blob/main/com.thinkyeah.galleryvault.mdhttps://github.com/KMov-g/androidapps/blob/main/com.thinkyeah.galleryvault.md#steps-to-reproducehttps://vuldb.com/?ctiid.321906https://vuldb.com/?id.321906https://vuldb.com/?submit.639039