GHSA-h265-g7rm-h337 (Publication in process, waiting for CVE assignment) This vulnerability would allow an authenticated attacker that is part of an organization to access items from collections to which the attacker does not belong
one thing I’m not willing to self host is vault/bitwarden. My whole life is based in my password manager. I imagine Bitwarden inc has a lot better security than me, and if I lose access to it I’m stuffed.
Bitwarden was the second thing I ever self hosted. On a local server on a UPS and hasn’t really been an issue across 7 years. Every so often I save an encrypted JSON on my main laptop to use with keepass if there’s ever an issue where the server is down for a while.
What are they going to get an encrypted blob.
Already updated yesterday 🤓 All hail the mighty renovate
Renovate? Hrmmmm
Hrmmm?