CWE-926
AllowedImproper Export of Android Application Components
Abstraction: Variant · Status: Incomplete
The Android application exports a component for use by other applications, but does not properly restrict which applications can launch the component or access the data it contains.
147 vulnerabilities reference this CWE, most recent first.
CVE-2026-54318 (GCVE-0-2026-54318)
Vulnerability from cvelistv5 – Published: 2026-06-23 17:40 – Updated: 2026-06-24 13:35- CWE-926 - Improper Export of Android Application Components
| URL | Tags |
|---|---|
| https://github.com/home-assistant/core/security/a… | x_refsource_CONFIRM |
| https://github.com/home-assistant/android/pull/6837 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| home-assistant | core |
Affected:
< 2026.5.3
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-54318",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-24T13:35:30.887367Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-24T13:35:52.252Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/home-assistant/core/security/advisories/GHSA-77r5-pw5w-mgj3"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "core",
"vendor": "home-assistant",
"versions": [
{
"status": "affected",
"version": "\u003c 2026.5.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.5.3, the LocationSensorManager BroadcastReceiver is exported with no permission. Any installed app, with zero runtime permissions, can broadcast a forged Google Play Services LocationResult directly to it; the receiver trusts the extra and forwards it to the user\u0027s Home Assistant server as the device\u0027s real location. This bypasses Android\u0027s developer-mode \"Mock Location\" gate and allows a local malicious app to drive zone-based automations (unlock door / disarm alarm / open garage) by faking the user\u0027s GPS position. This vulnerability is fixed in 2026.5.3."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "CWE-926: Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-23T17:40:28.853Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/home-assistant/core/security/advisories/GHSA-77r5-pw5w-mgj3",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/home-assistant/core/security/advisories/GHSA-77r5-pw5w-mgj3"
},
{
"name": "https://github.com/home-assistant/android/pull/6837",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/home-assistant/android/pull/6837"
}
],
"source": {
"advisory": "GHSA-77r5-pw5w-mgj3",
"discovery": "UNKNOWN"
},
"title": "Home Assistant: Exported BroadcastReceiver allows local apps to spoof device location"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-54318",
"datePublished": "2026-06-23T17:40:28.853Z",
"dateReserved": "2026-06-12T18:42:02.223Z",
"dateUpdated": "2026-06-24T13:35:52.252Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44279 (GCVE-0-2026-44279)
Vulnerability from cvelistv5 – Published: 2026-05-12 16:54 – Updated: 2026-06-26 08:23- CWE-926 - Improper access control
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiTokenAndroid |
Affected:
6.2.0
Affected: 6.1.0 Affected: 5.2.0 , ≤ 5.2.2 (semver) cpe:2.3:a:fortinet:fortitokenandroid:6.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortitokenandroid:6.1.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortitokenandroid:5.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortitokenandroid:5.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortitokenandroid:5.2.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44279",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T18:59:55.342232Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T19:02:36.321Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortitokenandroid:6.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortitokenandroid:6.1.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortitokenandroid:5.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortitokenandroid:5.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortitokenandroid:5.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiTokenAndroid",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "6.2.0"
},
{
"status": "affected",
"version": "6.1.0"
},
{
"lessThanOrEqual": "5.2.2",
"status": "affected",
"version": "5.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1 all versions, FortiTokenAndroid 5.2 all versions may allow attacker to disclose information via an exported Content Provider URI."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-26T08:23:24.786Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-130",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-130"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiTokenAndroid version 6.4.0 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2026-44279",
"datePublished": "2026-05-12T16:54:09.625Z",
"dateReserved": "2026-05-05T17:24:18.895Z",
"dateUpdated": "2026-06-26T08:23:24.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-12960 (GCVE-0-2026-12960)
Vulnerability from cvelistv5 – Published: 2026-07-03 02:00 – Updated: 2026-07-06 15:42- CWE-926 - Improper Export of Android Application Components
| Vendor | Product | Version | |
|---|---|---|---|
| ASUS | Router app |
Affected:
0 , ≤ 1.0.0.9.71
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-12960",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-06T15:42:42.380949Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-06T15:42:50.120Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Router app",
"vendor": "ASUS",
"versions": [
{
"lessThanOrEqual": "1.0.0.9.71",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asus:router_app:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0.0.9.71",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sedric Louissaint"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn Improper Export of Android Application Components vulnerability in ASUS Router App allows a third-party application on the same device to send a crafted Intent that causes ASUS Router App to open an specified URL.\u003cbr\u003e\u003cspan\u003eRefer to the \u0027\u003c/span\u003e\nSecurity Update for ASUS Router Android App\u0026nbsp;\u003cspan\u003e\u0027 section on the ASUS Security Advisory for more information.\u003c/span\u003e\u003c/p\u003e"
}
],
"value": "An Improper Export of Android Application Components vulnerability in ASUS Router App allows a third-party application on the same device to send a crafted Intent that causes ASUS Router App to open an specified URL.\nRefer to the \u0027\nSecurity Update for ASUS Router Android App\u00a0\u0027 section on the ASUS Security Advisory for more information."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "CWE-926 Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-03T02:00:14.942Z",
"orgId": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1",
"shortName": "ASUS"
},
"references": [
{
"url": "https://www.asus.com/security-advisory/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1",
"assignerShortName": "ASUS",
"cveId": "CVE-2026-12960",
"datePublished": "2026-07-03T02:00:14.942Z",
"dateReserved": "2026-06-23T05:33:05.433Z",
"dateUpdated": "2026-07-06T15:42:50.120Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3291 (GCVE-0-2026-3291)
Vulnerability from cvelistv5 – Published: 2026-05-06 21:53 – Updated: 2026-05-07 13:17- CWE-926 - Improper export of android application components
| Vendor | Product | Version | |
|---|---|---|---|
| HP, Inc | Samsung Print Service Plugin |
Affected:
0 , < <3.12.260420
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3291",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-07T13:13:56.886775Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-07T13:17:16.484Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Samsung Print Service Plugin",
"vendor": "HP, Inc",
"versions": [
{
"lessThan": "\u003c3.12.260420",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Samsung Print Service Plugin for Android is potentially vulnerable to information disclosure when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate these potential vulnerabilities."
}
],
"value": "Samsung Print Service Plugin for Android is potentially vulnerable to information disclosure when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate these potential vulnerabilities."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "CWE-926 Improper export of android application components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-06T21:53:03.780Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_14864662-14864690-16/hpsbgn04093"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Samsung Print Service Plugin \u2013 Potential Information Disclosure",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2026-3291",
"datePublished": "2026-05-06T21:53:03.780Z",
"dateReserved": "2026-02-26T17:39:25.534Z",
"dateUpdated": "2026-05-07T13:17:16.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-27599 (GCVE-0-2025-27599)
Vulnerability from cvelistv5 – Published: 2025-04-18 15:49 – Updated: 2025-04-18 16:06| URL | Tags |
|---|---|
| https://github.com/element-hq/element-x-android/s… | x_refsource_CONFIRM |
| https://github.com/element-hq/element-x-android/c… | x_refsource_MISC |
| https://github.com/element-hq/element-x-android/r… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| element-hq | element-x-android |
Affected:
< 25.04.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27599",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-18T16:05:58.191971Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-18T16:06:04.952Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "element-x-android",
"vendor": "element-hq",
"versions": [
{
"status": "affected",
"version": "\u003c 25.04.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Element X Android is a Matrix Android Client provided by element.io. Prior to version 25.04.2, a crafted hyperlink on a webpage, or a locally installed malicious app, can force Element X up to version 25.04.1 to load a webpage with similar permissions to Element Call and automatically grant it temporary access to microphone and camera. This issue has been patched in version 25.04.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "CWE-926: Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-18T15:49:11.899Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/element-hq/element-x-android/security/advisories/GHSA-m5px-pwq3-4p5m",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/element-hq/element-x-android/security/advisories/GHSA-m5px-pwq3-4p5m"
},
{
"name": "https://github.com/element-hq/element-x-android/commit/dc058544d7e693c04298191c1aadd5b39c9be52e",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/element-hq/element-x-android/commit/dc058544d7e693c04298191c1aadd5b39c9be52e"
},
{
"name": "https://github.com/element-hq/element-x-android/releases/tag/v25.04.2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/element-hq/element-x-android/releases/tag/v25.04.2"
}
],
"source": {
"advisory": "GHSA-m5px-pwq3-4p5m",
"discovery": "UNKNOWN"
},
"title": "Element X Android vulnerable to loading malicious web pages via received intent"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-27599",
"datePublished": "2025-04-18T15:49:11.899Z",
"dateReserved": "2025-03-03T15:10:34.078Z",
"dateUpdated": "2025-04-18T16:06:04.952Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-15464 (GCVE-0-2025-15464)
Vulnerability from cvelistv5 – Published: 2026-01-08 21:01 – Updated: 2026-01-08 23:04- CWE-926 - Improper Export of Android Application Components
| URL | Tags |
|---|---|
| https://korelogic.com/Resources/Advisories/KL-001… | third-party-advisory |
| https://korelogic.com/Resources/Advisories/KL-001… | exploit |
| http://seclists.org/fulldisclosure/2026/Jan/12 |
| Vendor | Product | Version | |
|---|---|---|---|
| yintibao | Fun Print Mobile |
Affected:
6.05.15
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-15464",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-08T21:29:21.276464Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T21:31:51.976Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://korelogic.com/Resources/Advisories/KL-001-2026-001.poc.js.txt"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-01-08T23:04:12.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2026/Jan/12"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"Android"
],
"product": "Fun Print Mobile",
"vendor": "yintibao",
"versions": [
{
"status": "affected",
"version": "6.05.15",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:yintibao:fun_print_mobile:6.05.15:*:android:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Felix Segoviano of KoreLogic, Inc."
}
],
"datePublic": "2026-01-08T20:55:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Exported Activity allows external applications to gain application context and directly launch Gmail with inbox access, bypassing security controls.\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Exported Activity allows external applications to gain application context and directly launch Gmail with inbox access, bypassing security controls."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "CWE-926 Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T21:01:31.240Z",
"orgId": "bbf0bd87-ece2-41be-b873-96928ee8fab9",
"shortName": "KoreLogic"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://korelogic.com/Resources/Advisories/KL-001-2026-001.txt"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "KL-001-2026-01: yintibao Fun Print Mobile Unauthorized Access via Context Hijacking",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bbf0bd87-ece2-41be-b873-96928ee8fab9",
"assignerShortName": "KoreLogic",
"cveId": "CVE-2025-15464",
"datePublished": "2026-01-08T21:01:31.240Z",
"dateReserved": "2026-01-05T20:33:47.411Z",
"dateUpdated": "2026-01-08T23:04:12.554Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-14517 (GCVE-0-2025-14517)
Vulnerability from cvelistv5 – Published: 2025-12-11 14:02 – Updated: 2025-12-11 14:50- CWE-926 - Improper Export of Android Application Components
| URL | Tags |
|---|---|
| https://vuldb.com/?id.335855 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.335855 | signaturepermissions-required |
| https://vuldb.com/?submit.702811 | third-party-advisory |
| https://mesquite-dream-86b.notion.site/uCrop-Libr… | related |
| https://mesquite-dream-86b.notion.site/uCrop-Libr… | exploit |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-14517",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-11T14:44:41.118617Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-11T14:50:44.816Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "uCrop",
"vendor": "Yalantis",
"versions": [
{
"status": "affected",
"version": "2.2.11"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "arrester (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in Yalantis uCrop 2.2.11. This affects the function UCropActivity\u00a0 of the file AndroidManifest.xml. Executing manipulation can lead to improper export of android application components. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-11T14:02:09.594Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-335855 | Yalantis uCrop AndroidManifest.xml UCropActivity\u00a0 improper export of android application components",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.335855"
},
{
"name": "VDB-335855 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.335855"
},
{
"name": "Submit #702811 | uCrop Android Library uCrop 2.2.11 Intent Spoofing",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.702811"
},
{
"tags": [
"related"
],
"url": "https://mesquite-dream-86b.notion.site/uCrop-Library-SSRF-and-Intent-Spoofing-2b8512562197804dae69edf96b942446?source=copy_link"
},
{
"tags": [
"exploit"
],
"url": "https://mesquite-dream-86b.notion.site/uCrop-Library-SSRF-and-Intent-Spoofing-2b8512562197804dae69edf96b942446#469832583e0444dcb3d08b0ca661d1c6"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-12-11T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-12-11T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-12-11T07:51:07.000Z",
"value": "VulDB entry last update"
}
],
"title": "Yalantis uCrop AndroidManifest.xml UCropActivity\u00a0 improper export of android application components"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-14517",
"datePublished": "2025-12-11T14:02:09.594Z",
"dateReserved": "2025-12-11T06:46:00.975Z",
"dateUpdated": "2025-12-11T14:50:44.816Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10722 (GCVE-0-2025-10722)
Vulnerability from cvelistv5 – Published: 2025-09-19 17:32 – Updated: 2025-09-19 17:47- CWE-926 - Improper Export of Android Application Components
| URL | Tags |
|---|---|
| https://vuldb.com/?id.325015 | vdb-entry |
| https://vuldb.com/?ctiid.325015 | signaturepermissions-required |
| https://vuldb.com/?submit.645019 | third-party-advisory |
| https://github.com/KMov-g/androidapps/blob/main/c… | related |
| https://github.com/KMov-g/androidapps/blob/main/c… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| SKTLab | Mukbee App |
Affected:
1.01.196
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10722",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-19T17:46:42.072747Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-19T17:47:23.689Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"com.dw.android.mukbee"
],
"product": "Mukbee App",
"vendor": "SKTLab",
"versions": [
{
"status": "affected",
"version": "1.01.196"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "fxizenta (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in SKTLab Mukbee App 1.01.196 on Android. This affects an unknown function of the file AndroidManifest.xml of the component com.dw.android.mukbee. The manipulation results in improper export of android application components. The attack must be initiated from a local position. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "In SKTLab Mukbee App 1.01.196 auf Android ist eine Schwachstelle entdeckt worden. Betroffen ist eine unbekannte Verarbeitung der Datei AndroidManifest.xml der Komponente com.dw.android.mukbee. Mittels dem Manipulieren mit unbekannten Daten kann eine improper export of android application components-Schwachstelle ausgenutzt werden. Der Angriff muss lokal durchgef\u00fchrt werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-19T17:32:10.026Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-325015 | SKTLab Mukbee App com.dw.android.mukbee AndroidManifest.xml improper export of android application components",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.325015"
},
{
"name": "VDB-325015 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.325015"
},
{
"name": "Submit #645019 | SKTLab Mukbee 1.01.196 Task Hijacking",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.645019"
},
{
"tags": [
"related"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.dw.android.mukbee.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.dw.android.mukbee.md#steps-to-reproduce"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-19T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-09-19T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-09-19T13:32:09.000Z",
"value": "VulDB entry last update"
}
],
"title": "SKTLab Mukbee App com.dw.android.mukbee AndroidManifest.xml improper export of android application components"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-10722",
"datePublished": "2025-09-19T17:32:10.026Z",
"dateReserved": "2025-09-19T11:27:05.988Z",
"dateUpdated": "2025-09-19T17:47:23.689Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10721 (GCVE-0-2025-10721)
Vulnerability from cvelistv5 – Published: 2025-09-19 17:32 – Updated: 2025-09-19 17:50- CWE-926 - Improper Export of Android Application Components
| URL | Tags |
|---|---|
| https://vuldb.com/?id.325010 | vdb-entry |
| https://vuldb.com/?ctiid.325010 | signaturepermissions-required |
| https://vuldb.com/?submit.645014 | third-party-advisory |
| https://github.com/KMov-g/androidapps/blob/main/o… | related |
| https://github.com/KMov-g/androidapps/blob/main/o… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| Webull | Investing & Trading App |
Affected:
11.2.5.63
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10721",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-19T17:50:01.586779Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-19T17:50:32.927Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Investing \u0026 Trading App",
"vendor": "Webull",
"versions": [
{
"status": "affected",
"version": "11.2.5.63"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "fxizenta (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in Webull Investing \u0026 Trading App 11.2.5.63 on Android. This vulnerability affects unknown code of the file AndroidManifest.xml. This manipulation causes improper export of android application components. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "In Webull Investing \u0026 Trading App 11.2.5.63 auf Android wurde eine Schwachstelle gefunden. Dies betrifft einen unbekannten Teil der Datei AndroidManifest.xml. Dank der Manipulation mit unbekannten Daten kann eine improper export of android application components-Schwachstelle ausgenutzt werden. Der Angriff erfordert einen lokalen Zugriff. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-19T17:32:07.489Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-325010 | Webull Investing \u0026 Trading App AndroidManifest.xml improper export of android application components",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.325010"
},
{
"name": "VDB-325010 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.325010"
},
{
"name": "Submit #645014 | ebull Technologies Pte. Ltd. webbull-stock 11.2.5.63 Task Hijacking",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.645014"
},
{
"tags": [
"related"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/org.dayup.stocks.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/org.dayup.stocks.md#steps-to-reproduce"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-19T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-09-19T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-09-19T13:29:41.000Z",
"value": "VulDB entry last update"
}
],
"title": "Webull Investing \u0026 Trading App AndroidManifest.xml improper export of android application components"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-10721",
"datePublished": "2025-09-19T17:32:07.489Z",
"dateReserved": "2025-09-19T11:23:57.381Z",
"dateUpdated": "2025-09-19T17:50:32.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10718 (GCVE-0-2025-10718)
Vulnerability from cvelistv5 – Published: 2025-09-19 16:02 – Updated: 2025-09-19 17:59- CWE-926 - Improper Export of Android Application Components
| URL | Tags |
|---|---|
| https://vuldb.com/?id.325009 | vdb-entry |
| https://vuldb.com/?ctiid.325009 | signaturepermissions-required |
| https://vuldb.com/?submit.645012 | third-party-advisory |
| https://github.com/KMov-g/androidapps/blob/main/c… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| Ooma | Office Business Phone App |
Affected:
7.2.0
Affected: 7.2.1 Affected: 7.2.2 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10718",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-19T17:59:11.383059Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-19T17:59:24.238Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"com.ooma.office2"
],
"product": "Office Business Phone App",
"vendor": "Ooma",
"versions": [
{
"status": "affected",
"version": "7.2.0"
},
{
"status": "affected",
"version": "7.2.1"
},
{
"status": "affected",
"version": "7.2.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "fxizenta (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Ooma Office Business Phone App up to 7.2.2 on Android. This affects an unknown part of the component com.ooma.office2. The manipulation results in improper export of android application components. The attack needs to be approached locally. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in Ooma Office Business Phone App bis 7.2.2 auf Android entdeckt. Das betrifft eine unbekannte Funktionalit\u00e4t der Komponente com.ooma.office2. Die Bearbeitung verursacht improper export of android application components. Umgesetzt werden muss der Angriff lokal. Die Ausnutzung wurde ver\u00f6ffentlicht und kann verwendet werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-19T16:02:06.783Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-325009 | Ooma Office Business Phone App com.ooma.office2 improper export of android application components",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.325009"
},
{
"name": "VDB-325009 | CTI Indicators (IOB, IOC)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.325009"
},
{
"name": "Submit #645012 | Ooma Ooma Office 7.2.2 Task Hijacking",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.645012"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.ooma.office2.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-19T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-09-19T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-09-19T11:42:20.000Z",
"value": "VulDB entry last update"
}
],
"title": "Ooma Office Business Phone App com.ooma.office2 improper export of android application components"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-10718",
"datePublished": "2025-09-19T16:02:06.783Z",
"dateReserved": "2025-09-19T09:37:16.158Z",
"dateUpdated": "2025-09-19T17:59:24.238Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Strategy: Attack Surface Reduction
If they do not need to be shared by other applications, explicitly mark components with android:exported="false" in the application manifest.
Mitigation
Strategy: Attack Surface Reduction
If you only intend to use exported components between related apps under your control, use android:protectionLevel="signature" in the xml manifest to restrict access to applications signed by you.
Mitigation
Strategy: Attack Surface Reduction
Limit Content Provider permissions (read/write) as appropriate.
Mitigation
Strategy: Separation of Privilege
Limit Content Provider permissions (read/write) as appropriate.
No CAPEC attack patterns related to this CWE.