CVE-2025-9093
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-17

Last updated on: 2026-04-29

Assigner: VulDB

Description
A security vulnerability has been detected in BuzzFeed App 2024.9 on Android. This affects an unknown part of the file AndroidManifest.xml of the component com.buzzfeed.android. The manipulation leads to improper export of android application components. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-17
Last Modified
2026-04-29
Generated
2026-05-27
AI Q&A
2025-08-18
EPSS Evaluated
2026-05-25
NVD
CVE-2025-9093
EUVD
EUVD-2025-28811
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
buzzfeed buzzfeed 2024.9
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-926 The Android application exports a component for use by other applications, but does not properly restrict which applications can launch the component or access the data it contains.
CWE-NVD-CWE-noinfo
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in the BuzzFeed App 2024.9 on Android involves improper export of application components due to manipulation of the AndroidManifest.xml file. It allows local attackers to exploit the app by accessing components that should not be exposed, potentially leading to unauthorized actions within the app.


How can this vulnerability impact me? :

The vulnerability can impact you by allowing a local attacker to access and manipulate parts of the app that are improperly exported. This could lead to unauthorized information disclosure, modification, or other malicious actions within the app environment.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart