"Initials" by "Florian Körner", licensed under "CC0 1.0". / Remix of the original. - Created with dicebear.comInitialsFlorian Körnerhttps://github.com/dicebear/dicebearBI
Bitwarden - The unofficial Bitwarden community ASK_ME_ABOUT_LOOM Now 100%

Bitwarden Windows Client vulnerability prior to 2023.4.0: CVE-2023-27706

https://nvd.nist.gov/vuln/detail/CVE-2023-27706

Bitwarden Desktop v1.20.0 and above stores the biometric key in plaintext which allows a local attacker to decrypt the entire local vault if you are using Windows Hello and are not on the latest version. The Bitwarden Windows client before version 2023.4.0 is affected.

Details here: https://hackerone.com/reports/1874155

(shamelessly stolen from reddit)

10
1
Comments 1