CVE-2025-47730
Published
CVSS v3
4.8
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT
Description
The TeleMessage archiving backend through 2025-05-05 accepts API calls (to request an authentication token) from the TM SGNL (aka Archive Signal) app with the credentials of logfile for the user and enRR8UVVywXYbFkqU#QDPRkO for the password.
Unofficial and insecure Signal app, used by senior Trump officials like Mike Waltz, downloaded from the official TeleMessage website
GitHub