Researcher refuses Telegrams bounty award, discloses auto-delete bug

It looks like self-destructed messages in Telegram weren't fully destructed after the deadline.

https://arstechnica.com/information-tech...elete-bug/

"Tracked as CVE-2021-41861, the flaw is rather simple. In the Telegram Android app versions 7.5.0 to 7.8.0, self-destructed images remain on the device in the /Storage/Emulated/0/Telegram/Telegram Image directory after approximately two to four uses of the self-destruct feature. But the UI appears to indicate to the user that the media was properly destroyed."