CVE-2020-37178

HIGH

KeePass Password Safe <2.44 - DoS

Title source: llm

Description

KeePass Password Safe versions before 2.44 contain a denial of service vulnerability in the help system's HTML handling. Attackers can trigger the vulnerability by dragging and dropping malicious HTML files into the help area, potentially causing application instability or crash.

Exploits (1)

exploitdb WORKING POC

by Mustafa Emre Gül · textdosmultiple

https://www.exploit-db.com/exploits/47952

View Code ZIP pw:eip

References (3)

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/47952

[Various Sources] https://keepass.info/

[Third Party Advisory] https://www.vulncheck.com/advisories/keepass-denial-of-service-poc

Scores

CVSS v3 7.5

EPSS 0.0003

EPSS Percentile 10.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-94

Status published

Products (1)

Keepass/KeePass Password Safe < 2.44

Published Feb 11, 2026

Tracked Since Feb 18, 2026