CVE-2025-9695
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-30

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was identified in GalleryVault Gallery Vault App up to 4.5.2 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.thinkyeah.galleryvault. The manipulation leads to improper export of android application components. The attack can only be performed from a local environment. The exploit is publicly available and might be used.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-30
Last Modified
2026-04-29
Generated
2026-05-27
AI Q&A
2025-08-30
EPSS Evaluated
2026-05-25
NVD
CVE-2025-9695
EUVD
EUVD-2025-26275
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
galleryvault gallery_vault to 4.5.2 (inc)
google android to 11.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-926 The Android application exports a component for use by other applications, but does not properly restrict which applications can launch the component or access the data it contains.
CWE-NVD-CWE-noinfo
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-9695 is a vulnerability in the GalleryVault app (version up to 4.5.2) on Android, caused by improper export of application components in the AndroidManifest.xml file. This flaw allows malicious local applications to hijack tasks or inherit permissions from the vulnerable app, potentially enabling attackers to phish login credentials or gain unauthorized access to app data. The issue specifically affects Android versions prior to Android 11 and arises because the app exports components without proper restrictions. [1, 2]


How can this vulnerability impact me? :

This vulnerability can impact you by allowing a malicious app on the same device to hijack tasks of the GalleryVault app, inherit its permissions, and potentially phish sensitive information such as login credentials. It compromises the confidentiality, integrity, and availability of the app's data. Since the attack requires local access, an attacker must have physical or local control of the device to exploit it. The exploit is publicly available and considered easy to perform. [1, 2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by inspecting the AndroidManifest.xml file of the GalleryVault app (com.thinkyeah.galleryvault) for improperly exported components. Since the attack requires local access, you can check the app's manifest for exported components without proper restrictions. Additionally, Google hacking techniques such as searching for "inurl:AndroidManifest.xml" can help identify vulnerable targets. However, no specific commands are provided in the resources. [2]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation involves modifying the AndroidManifest.xml configuration of the GalleryVault app to prevent unauthorized export of application components, thereby blocking task hijacking. If modification is not feasible, replacing the affected app with an alternative product is suggested. Since the exploit requires local access, limiting physical or local access to the device can also reduce risk. [1, 2]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart