本ページは truesec lapswebui に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2025-15554 | Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords. | db4dfee8-a97e-4877-bfae-eba6d14a2166 | 6.0 | 0.14% | 2026-03-16 | 2026-04-07 |
| CVE-2025-15553 | Non-working logout functionality in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password. | db4dfee8-a97e-4877-bfae-eba6d14a2166 | 6.0 | 0.11% | 2026-03-16 | 2026-04-20 |
| CVE-2025-15552 | Insufficient Session Expiration in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password. | db4dfee8-a97e-4877-bfae-eba6d14a2166 | 6.0 | 0.11% | 2026-03-16 | 2026-04-20 |