CISA Warns of Two Exploited TeleMessage Vulnerabilities

The US cybersecurity agency CISA is calling attention to two more vulnerabilities in the messaging application TeleMessage TM SGNL, urging organizations to patch them immediately.

An application that allows users to archive messages sent using WhatsApp, Telegram, and Signal, TeleMessage landed in the spotlight recently, after Trump’s former national security advisor Mike Waltz was seen using it on his phone. Tens of government workers were later found to have been using the application.

Shortly after, Oregon-based communications company Smarsh, which owns the Israel-based TeleMessage, suspended all TeleMessage services after hackers demonstrated that lack of encryption allowed them to obtain chat logs.

The weakness, tracked as CVE-2025-47729 (CVSS score of 4.9), was added to CISA’s Known Exploited Vulnerabilities (KEV) catalog in mid-May.

Now, CISA says two other security defects in the TeleMessage service, tracked as CVE-2025-48927 and CVE-2025-48928, have been exploited by hackers.

According to a NIST advisory ...