<ul data-eligibleForWebStory="false">U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds TeleMessage TM SGNL flaws to its Known Exploited Vulnerabilities catalog.Two flaws affecting TeleMessage TM SGNL added to the KEV catalog with CVE-2025-48927 and CVE-2025-48928.CVE-2025-48927 involves insecure default vulnerability due to misconfigured Spring Boot Actuator.CVE-2025-48928 exposes core dump file with heap content including passwords sent over HTTP.