CVE-2025-48927

⚠ KEVEPSS 9.5%

TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability

Added to CISA KEV: 7/1/2025

Description

TeleMessage TM SGNL contains an initialization of a resource with an insecure default vulnerability. This vulnerability relies on how the Spring Boot Actuator is configured with an exposed heap dump endpoint at a /heapdump URI.

Affected packages (0)

No package mapping in OSV.