CVE-2025-48927 – Apache TeleMessage Spring Boot Actuator Heap Dump Exposed Endpoint Vulnerability

CVE ID : CVE-2025-48927

Published : May 28, 2025, 5:15 p.m. | 29 minutes ago

Description : The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap dump endpoint at a /heapdump URI, as exploited in the wild in May 2025.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…