Version v7.11.38

With KeePass Client v7.11.38

Release Date

Nov 28th, 2022

These Release Notes detail the differences between this release and the previous Stable.

Download Here

Upgrade Instructions


The following security concerns have been addressed in this release:

  • Vulnerability Patch
    • Summary:
      • Additional information could theoretically allow an authenticated user opportunity to take advantage of leveraging existing authorized access and access information.
      • In a specific security context, insufficient output controls could allow an authenticated user opportunity to exploit handling very specific system information with specialized data values.
      • In a localized security context, insufficient safeguard could allow an authenticated user to store data for system retrieval outside of intended user parameters.
    • Status:
      • This update resolves these concerns.
      • Companies will be given months to deploy this patch, before more specific information is disclosed.


  • Framework JavaScript library updates
  • Improved compatibility for KeePass Client WebView2 component for installation.
    • Full offline install includes all files. 
    • Important Notes:
      • The Microsoft WebView2 component supports OAuth authentication methods. The KeePass desktop install file size: 372 MB
    • The industry has come to also better support native browsers with OAuth methods, which is the expected direction for the future.

Bug Fixes

  • Fixed a bug where Private Folders may not be accessible in Offline Cache in the performance mode where pre-calculation is turned off.
  • Fixed KeePass TOTP field value & display issues.

Compatibility Notes

  • All users must upgrade to KeePass client version 7.11.38.
  • Server version 7.11.11 is min requirement for Auto-Fill plugin.