COOEY // HUBcompliance · community · intelligence

FAIL › dossier

TM SGNL product

3
failure events
0
zero-days
0
RCEs
3
on KEV
0
critical
50
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 3 events

DateEventSevFlagsShameSummary
2025-07-01 CVE-2025-48927 high ⌖KEV 50 TeleMessage TM SGNL contains an initialization of a resource with an insecure default vulnerability. This vulnerability relies on how the Spring Boot Actuator is configured with an exposed heap dump endpoint at a /heapdump URI.
2025-07-01 CVE-2025-48928 high ⌖KEV 50 TeleMessage TM SGNL contains an exposure of core dump file to an unauthorized control sphere Vulnerability. This vulnerability is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be inc
2025-05-12 CVE-2025-47729 high ⌖KEV 50 TeleMessage TM SGNL contains a hidden functionality vulnerability in which the archiving backend holds cleartext copies of messages from TM SGNL application users.