CVE-2025-48927 – Apache TeleMessage Spring Boot Actuator Heap Dump Exposed Endpoint Vulnerability

May 28, 2025

CVE ID : CVE-2025-48927

Published : May 28, 2025, 5:15 p.m. | 22 minutes ago

Description : The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap dump endpoint at a /heapdump URI, as exploited in the wild in May 2025.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48928 – TeleMessage JSP Heap Information Disclosure

Next Article CVE-2025-48926 – TeleMessage Information Disclosure

Highlights

CVE-2025-6863 – PHPGurukul Local Services Search Engine Management System SQL Injection Vulnerability

June 29, 2025

CVE ID : CVE-2025-6863

Published : June 29, 2025, 3:15 p.m. | 2 hours, 35 minutes ago

Description : A vulnerability classified as critical was found in PHPGurukul Local Services Search Engine Management System 2.1. Affected by this vulnerability is an unknown functionality of the file /admin/edit-category-detail.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

In-House vs. Outsource Node.js Development Teams: 9 Key Differences for the C-Suite (2025)

Why Non-Native Content Designers Improve Global UX

DevOps won’t scale without platform engineering and here’s why your teams are still stuck

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

I ditched my Bluetooth speakers for this slick turntable – and it’s more practical than I thought

This split keyboard offers deep customization – if you’re willing to go all in

I spoke with an AI version of myself, thanks to Hume’s free tool – how to try it

I took a walk with Meta’s new Oakley smart glasses – they beat my Ray-Bans in every way

The details of TC39’s last meeting

The details of TC39’s last meeting

Simple wrapper for Chrome’s built-in local LLM (Gemini Nano)

Online Examination System using PHP and MySQL

Top 7 Computer Performance Test Tools Online (Free & Fast)

Top 7 Computer Performance Test Tools Online (Free & Fast)

10 Best Windows 11 Encryption Software

Google Chrome Is Testing Dynamic Country Detection for Region-Specific Features

CVE-2025-48927 – Apache TeleMessage Spring Boot Actuator Heap Dump Exposed Endpoint Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

Pen Testing for Compliance Only? It’s Time to Change Your Approach

SonicWall SMA Devices Under Attack: UNC6148 Deploys OVERSTEP Rootkit for Persistent Access

30% Faster Travel? Dubai’s AI Plan Is Blowing Minds

Microsoft resolves Windows 11 password rotation issue for Enterprise Devices

CVE-2025-6863 – PHPGurukul Local Services Search Engine Management System SQL Injection Vulnerability

CVE-2025-44083 – D-Link DI-8100 Remote Authentication Bypass Vulnerability

Tx-SmarTest – Unlock Smarter QA with AI-Powered Platform

CVE-2025-20309 affects Cisco Unified CM

CVE-2025-48927 – Apache TeleMessage Spring Boot Actuator Heap Dump Exposed Endpoint Vulnerability

Related Posts