THREATOPS
THREAT OPSCVEs › CVE-2025-48927

CVE-2025-48927 — TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability

CISA KEVExploited: confirmedTeleMessage

TeleMessage TM SGNL contains an initialization of a resource with an insecure default vulnerability. This vulnerability relies on how the Spring Boot Actuator is configured with an exposed heap dump endpoint at a /heapdump URI.

Vulnerability details