PYSEC-2026-84

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/lesspass/PYSEC-2026-84.yaml

JSON Data

https://api.osv.dev/v1/vulns/PYSEC-2026-84

Aliases

CVE-2025-70050

Published

2026-03-09T16:16:15.977Z

Modified

2026-05-21T15:00:04.958708500Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

An issue pertaining to CWE-312: Cleartext Storage of Sensitive Information was discovered in lesspass lesspass v9.6.9 which allows attackers to obtain sensitive information.

References

Affected packages

PyPI / lesspass

Package

Name: lesspass; View open source insights on deps.dev
Purl: pkg:pypi/lesspass

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

9.6.9

Affected versions

6.*

6.0.0

6.1.0

7.*

7.0.1

7.0.2

8.*

8.0.1

8.1.1

9.*

9.1.0

9.1.1

9.1.2

9.1.3

9.1.4

9.1.6

9.1.7

9.1.8

9.1.9

9.2.0

9.3.0

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/lesspass/PYSEC-2026-84.yaml"