CVE-2025-70050

MEDIUM

lesspass v9.6.9 - Info Disclosure

Title source: llm

Description

An issue pertaining to CWE-312: Cleartext Storage of Sensitive Information was discovered in lesspass lesspass v9.6.9 which allows attackers to obtain sensitive information.

References (3)

[Various Sources] https://gist.github.com/zcxlighthouse/12809648370f0e08d71434ff419df28e

[Various Sources] https://github.com/lesspass

[Various Sources] https://github.com/lesspass/lesspass

Scores

CVSS v3 6.5

EPSS 0.0002

EPSS Percentile 5.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Details

CWE

CWE-312

Status published

Products (1)

lesspass/lesspass 9.6.9

Published Mar 09, 2026

Tracked Since Mar 09, 2026