Smarsh Telemessage
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Smarsh Telemessage.
By the Year
In 2026 there have been 0 vulnerabilities in Smarsh Telemessage. Last year, in 2025 Telemessage had 2 security vulnerabilities published. Right now, Telemessage is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 2 | 4.65 |
It may take a day or so for new Telemessage vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Smarsh Telemessage Security Vulnerabilities
TeleMessage JSP Heap Dump Disclosure of HTTP Passwords
CVE-2025-48928
4 - Medium
- May 28, 2025
The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump, as exploited in the wild in May 2025.
Exposure of Core Dump File to an Unauthorized Control Sphere
TeleMessage: Exposed Actuator /heapdump Endpoint Allows Heap Dump Leak
CVE-2025-48927
5.3 - Medium
- May 28, 2025
The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap dump endpoint at a /heapdump URI, as exploited in the wild in May 2025.
Insecure Default Initialization of Resource
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Smarsh Telemessage or by Smarsh? Click the Watch button to subscribe.
