CVE-2025-48926

PUBLISHED

The admin panel in the TeleMessage service through 2025-05-05 allows attackers to discover usernames, e-mail addresses, passwords, and telephone...

TeleMessage · service

Recommended Action

Track for updates. Assess relevance to your asset inventory and enrichment workflows.

Confidence
Exploitation Status
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
CVSS / EPSS
4.3 Medium

At a Glance

The admin panel in the TeleMessage service through 2025-05-05 allows attackers to discover usernames, e-mail addresses, passwords, and telephone numbers.

Published
May 28, 2025
First Seen
CVSS
4.3 Medium
EPSS
Remote Low complexity No user interaction

Recommended Actions

  • Track for updates. Assess relevance to your asset inventory and enrichment workflows.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.