heisec@social.heise.de - BSI warnt vor KeePassXC-Schwachstellen
Das BSI warnt vor Schwachstellen im Passwort-Manager KeePassXC. Angreifer können Dateien oder das Master-Passwort ohne Authentifzierungsrückfrage manipulieren.
[The BSI warns of vulnerabilities in the password manager KeePassXC. Attackers can manipulate files or the master password without authentication confirmation.]
Here is KeePassXC’s response: https://keepassxc.org/blog/2023-06-20-cve-202335866
Basically some random guy with weird misconceptions about security decided this was an issue, it’s obviously not. Honestly concerning that he was able to easily get a CVE for this and even get articles about it published on some websites.