CVE-2025-15554

UNKNOWN 0.0

Admin Passwords Cached by Browsers in Truesec LAPSWebUI

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords.

CWE	CWE-525
Vendor	truesec
Product	lapswebui
Published	Mar 16, 2026
Last Updated	Mar 16, 2026

Stay Ahead of the Next One

Get instant alerts for truesec lapswebui

Be the first to know when new unknown vulnerabilities affecting truesec lapswebui are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Truesec / LAPSWebUI

0 < 2.4

References

NVD ↗ CVE.org ↗ EPSS Data ↗

labs.reversec.com: https://labs.reversec.com/advisories/2026/03/admin-passwords-cached-by-browsers-in-truesec-lapswebui

Credits

Laban Sköllermark at Reversec Sweden AB