CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-47729

The TeleMessage archiving backend through 2025-05-05 holds cleartext copies of messages from TM SGNL (aka Archive Signal) app users, which is different functionality than described in the TeleMessage "End-to-End encryption from the mobile phone through to the corporate archive" documentation, as exploited in the wild in May 2025.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.069

EPSS Ranking 90.9%

CVSS Severity

CVSS v3 Score 1.9

Proposed Action

TeleMessage TM SGNL contains a hidden functionality vulnerability in which the archiving backend holds cleartext copies of messages from TM SGNL application users.

Ransomware Campaign

Unknown

References

https://arstechnica.com/security/2025/05/signal-clone-used-by-trump-official-stops-operations-after-report-it-was-hacked/
https://news.ycombinator.com/item?id=43909220
https://www.theregister.com/2025/05/05/telemessage_investigating/

Products affected by CVE-2025-47729

Telemessage » Text Message Archiver » Version: Any

cpe:2.3:a:telemessage:text_message_archiver:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-47729

Products

Pricing

Contact Us