heisec@social.heise.de - BSI warnt vor KeePassXC-Schwachstellen
Das BSI warnt vor Schwachstellen im Passwort-Manager KeePassXC. Angreifer können Dateien oder das Master-Passwort ohne Authentifzierungsrückfrage manipulieren.
[The BSI warns of vulnerabilities in the password manager KeePassXC. Attackers can manipulate files or the master password without authentication confirmation.]
KeePassXC is not affected by this vulnerability.
Edit: Different issue.
That’s not the issue mentioned in the article. Which is
CVE-2023-35866
.gotcha
Added to original comment. Both are recent issues, so confusion is forgivable.
This is also the vulnerability that made many people delete Keepass 2 for XC many months ago so it is very strange that they make an article that sounds like it’s a new vulnerability.