Bug in KeePass Open Source Password Manager
A security researcher discovered a bug in the open-source password manager called KeePass. If hackers exploit the flaw, they could retrieve your master password.
This is the second time the researcher has found a flaw in this password manager. But this is way worse as it affects KeePass 2. x versions for MacOS, Linux, and Windows. Attackers can obtain the master password even if your workspace is closed.
The maintainer has developed a resolution for this bug. But the fix will only be available in early June when version 2.54 is released.
The researcher who uncovered the vulnerability has released a proof-of-concept on GitHub. The researcher said that “no code execution on the target system is required, just a memory dump.” It means that it will not matter where the memory comes from. The attacker can retrieve the master…