We believe that all of the vulnerabilities we discovered have been mitigated by Threema's recent patches. This means that, at this time, the security issues we found no longer pose any threat to Threema customers, including OnPrem instances that have been kept up-to-date. On the other hand, some of the vulnerabilities we discovered may have been present in Threema for a long time.
For what it's worth, and obviously I could have been clearer about this: what's interesting about that link is the description of Threema's design, not the specific vulnerabilities the team found.
