CVE-2025-9093

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: BuzzFeed App version 2024.9

Description: A security vulnerability has been detected in BuzzFeed App 2024.9 on Android. The issue affects an unknown part of the file AndroidManifest.xml of the component com.buzzfeed.android, leading to improper export of Android application components. The attack requires local access. The exploit has been publicly disclosed and may be used.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-926

Related Identifiers

CVE-2025-9093

Affected Products

Android

Buzzfeed App

CVE-2025-9093

Weakness Enumeration

Related Identifiers

Affected Products

References · 11