This page aggregates publicly disclosed CVE and security risk information related to truesec, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2025-15554 | Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords. | db4dfee8-a97e-4877-bfae-eba6d14a2166 | 6.0 | 0.01% | 2026-03-16 | 2026-04-07 |
| CVE-2025-15553 | Non-working logout functionality in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password. | db4dfee8-a97e-4877-bfae-eba6d14a2166 | 6.0 | 0.01% | 2026-03-16 | 2026-04-20 |
| CVE-2025-15552 | Insufficient Session Expiration in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password. | db4dfee8-a97e-4877-bfae-eba6d14a2166 | 6.0 | 0.01% | 2026-03-16 | 2026-04-20 |