Well it sounds like you just did a security audit of KeePass, albeit an incomplete and cursory one. But as a small open-source project, that's probably better than they have now.
Have you considered submitting this analysis to the KeePass team? Or even better, analysis plus suggested code to fix the problems? As a user of KeePass this would be in your interest.
(And as a user of KeePass myself, it is in my interest to encourage experts to help that project out.)
Have you considered submitting this analysis to the KeePass team? Or even better, analysis plus suggested code to fix the problems? As a user of KeePass this would be in your interest.
(And as a user of KeePass myself, it is in my interest to encourage experts to help that project out.)