{"vulnerability": "CVE-2025-47730", "sightings": [{"uuid": "d8ad5578-b8f8-4b59-8570-c1f338927e49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47730", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15519", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47730\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The TeleMessage archiving backend through 2025-05-05 accepts API calls (to request an authentication token) from the TM SGNL (aka Archive Signal) app with the credentials of logfile for the user and enRR8UVVywXYbFkqU#QDPRkO for the password.\n\ud83d\udccf Published: 2025-05-08T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-08T13:16:24.374Z\n\ud83d\udd17 References:\n1. https://news.ycombinator.com/item?id=43909220\n2. https://arstechnica.com/security/2025/05/signal-clone-used-by-trump-official-stops-operations-after-report-it-was-hacked/\n3. https://www.theregister.com/2025/05/05/telemessage_investigating/\n4. https://github.com/micahflee/TM-SGNL-Android/blob/bd7ccbb8bc79193fc4c57cae7cc1051e6250fa89/app/src/tm/java/org/archiver/ArchiveConstants.kt#L45-:L46", "creation_timestamp": "2025-05-08T13:24:36.000000Z"}, {"uuid": "2d9f5eef-d574-40f3-96aa-65e2cf70f24c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47730", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3loo2kdexbxg2", "content": "", "creation_timestamp": "2025-05-08T14:05:35.928423Z"}, {"uuid": "0ee6ebdc-f768-4f03-b0bc-97dbde9c04da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47730", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114472660231562952", "content": "", "creation_timestamp": "2025-05-08T14:22:56.469868Z"}, {"uuid": "8a0226bf-8fc9-49b8-a5ab-7da209d8bb25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47730", "type": "seen", "source": "https://bsky.app/profile/todb2.hugesuccess.org/post/3loo5xjgi2452", "content": "", "creation_timestamp": "2025-05-08T14:51:21.974580Z"}, {"uuid": "aaf88f4d-6b08-4ad3-b99f-b28be1a5399f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47730", "type": "seen", "source": "https://infosec.exchange/users/todb/statuses/114472771122739056", "content": "", "creation_timestamp": "2025-05-08T14:52:10.118726Z"}, {"uuid": "706ad442-23fe-43d9-b07c-a315e0fc29a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47730", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lord65rmib27", "content": "", "creation_timestamp": "2025-05-09T21:02:22.926179Z"}, {"uuid": "b69f7bfa-3de1-4def-b70f-3878d89ea944", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47730", "type": "seen", "source": "https://t.me/cvedetector/24824", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-47730 - TeleMessage API Authentication Token Disclosure\", \n  \"Content\": \"CVE ID : CVE-2025-47730 \nPublished : May 8, 2025, 2:15 p.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : The TeleMessage archiving backend through 2025-05-05 accepts API calls (to request an authentication token) from the TM SGNL (aka Archive Signal) app with the credentials of logfile for the user and enRR8UVVywXYbFkqU#QDPRkO for the password. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-08T17:36:59.000000Z"}]}