Improper Export Vulnerability in BuzzFeed App for Android
CVE-2025-9093

5.3MEDIUM

Key Information:

Vendor: BuzzFeed
Status: BuzzFeed App
Vendor: CVE Published:; 17 August 2025

What is CVE-2025-9093?

A security issue has been identified in the BuzzFeed App version 2024.9 for Android, specifically within the AndroidManifest.xml file. This vulnerability allows for the improper export of Android application components, potentially leading to unauthorized access to app functionality. The exploitation of this flaw requires local access to the device. Given that the details of this vulnerability have been publicly disclosed, users are urged to take caution and implement necessary security measures to protect their devices.

References

https://github.com/KMov-g/androidapps/blob/main/com.buzzf...

https://vuldb.com/?ctiid.320415

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 17, 2025