Skip to main content
ZDI-26-215 HIGH 7.3 Published Mar 16, 2026

KeePassXC OpenSSL Configuration Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

KeePassXC

A high-severity privilege escalation vulnerability (CVE-2026-4158) has been discovered in KeePassXC that allows attackers with low-privileged code execution to escalate their access rights on affected systems. An attacker who can run code with limited user permissions can leverage this flaw to gain elevated privileges, potentially compromising the entire system and any sensitive data managed by the password manager. Security teams should update KeePassXC immediately and review systems where the software is installed, particularly those handling sensitive credentials or operating in multi-user environments.

Related CVE

CVE-2026-4158

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy