THREAT OPS › CVEs › CVE-2025-48927
CVE-2025-48927 — TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability
TeleMessage TM SGNL contains an initialization of a resource with an insecure default vulnerability. This vulnerability relies on how the Spring Boot Actuator is configured with an exposed heap dump endpoint at a /heapdump URI.
Vulnerability details
- Affected productsTM SGNL
- KEV remediation due2025-07-22