CVE-2025-9102

A security vulnerability has been detected in 1&1 Mail & Media mail.com App 8.8.0 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.mail.mobile.android.mail. The manipulation leads to improper export of android application components. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published: Aug 18, 2025
Updated: Aug 19, 2025
CVE: CVE-2025-9102
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

No affected software listed.

https://github.com/KMov-g/androidapps/blob/main/com.mail.mobile.android.mail.md
https://github.com/KMov-g/androidapps/blob/main/com.mail.mobile.android.mail.md#steps-to-reproduce
https://vuldb.com/?ctiid.320424
https://vuldb.com/?id.320424
https://vuldb.com/?submit.628264

Vulnerability Database

CVE-2025-9102

Deep Security Visibility Without the Complexity