Open source password manager KeePass sports a MitM vulnerability that could allow attackers to trick users into downloading malware disguised as a software update, security researcher Florian Bogner warns.
All versions of KeePass, including the latest, are vulnerable. The team developing the software is aware of the flaw (CVE-2016-5119), but they currently have no intention of fixing it.
Full Article