VYPR

Lapswebui

by Truesec

CVEs (3)

  • CVE-2025-15554HigMar 16, 2026
    risk 0.51cvss 7.8epss 0.00

    Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords.

  • CVE-2025-15552HigMar 16, 2026
    risk 0.51cvss 7.8epss 0.00

    Insufficient Session Expiration in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password.

  • CVE-2025-15553HigMar 16, 2026
    risk 0.46cvss 7.1epss 0.00

    Non-working logout functionality in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password.