virus logo Endpoint Vulnerability

KeePass CVE-2023-24055 Information Disclosure Vulnerability

description-logoDescription

In KeePass up to 2.53, an attacker with write access to the XML configuration file can add an export trigger to retrieve cleartext passwords, exposing sensitive information.

affected-products-logoAffected Applications

KeePass

Version Updates

Date Version Status Detail
2025-10-09 1.00920
Modified
 KeePass
2025-01-07 1.00799
Modified
 KeePass
2023-02-28 1.00408
New
 KeePass

References

https://keepass.info/help/kb/sec_issues.html
ID 4842
Created Feb 28, 2023
Description
Updated		 Jan 16, 2026
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor KeePass
Patch manual
Application KeePass