GalleryVault Gallery Vault App com.thinkyeah.galleryvault AndroidManifest.xml improper export of android...

4.8 / 10

MEDIUM

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was identified in GalleryVault Gallery Vault App up to 4.5.2 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.thinkyeah.galleryvault. The manipulation leads to improper export of android application components. The attack can only be performed from a local environment. The exploit is publicly available and might be used.

Basic Information

ID CVE-2025-9695

Source VulDB

Published Aug 30, 2025 at 15:32

Affected Product

Vendor GalleryVault

Product Gallery Vault App

Version 4.5.0

Affected Versions GalleryVault Gallery Vault App 4.5.0
GalleryVault Gallery Vault App 4.5.1
GalleryVault Gallery Vault App 4.5.2

CWE Classification

CWE-926

References

{
    "lastseen": "",
    "description": "A vulnerability was identified in GalleryVault Gallery Vault App up to 4.5.2 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.thinkyeah.galleryvault. The manipulation leads to improper export of android application components. The attack can only be performed from a local environment. The exploit is publicly available and might be used.",
    "published": "2025-08-30T15:32:06.939Z",
    "modified": "2025-08-30T15:32:06.939Z",
    "type": "cve",
    "title": "GalleryVault Gallery Vault App com.thinkyeah.galleryvault AndroidManifest.xml improper export of android application components",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.321906\nhttps://vuldb.com/?ctiid.321906\nhttps://vuldb.com/?submit.639039\nhttps://github.com/KMov-g/androidapps/blob/main/com.thinkyeah.galleryvault.md\nhttps://github.com/KMov-g/androidapps/blob/main/com.thinkyeah.galleryvault.md#steps-to-reproduce",
    "id": "CVE-2025-9695",
    "bulletinFamily": "",
    "cwe": [
        "CWE-926"
    ],
    "cvelist": null,
    "sourceData": "GalleryVault Gallery Vault App 4.5.0\nGalleryVault Gallery Vault App 4.5.1\nGalleryVault Gallery Vault App 4.5.2",
    "sourceHref": "",
    "cvss": {
        "score": 4.8,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Gallery Vault App",
    "version": "4.5.0",
    "vendor": "GalleryVault",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

GalleryVault Gallery Vault App com.thinkyeah.galleryvault AndroidManifest.xml improper export of android application components_CVE-2025-9695