German BSI warns of vulnerabilities in the password manager KeePassXC. Attackers can manipulate files or the master password without authentication confirmation
www.heise.deAccording to the article, a attacker can manipulate the master password on unlocked database, without to re-nter credentials. A attacker can also extract/export a database without confirmation.
As long the database us locked, this should be no issue.
CVE-2023-35866
Comments 0