Bill Toulas reports:
The popular KeePass password manager is vulnerable to extracting the master password from the application’s memory, allowing attackers who compromise a device to retrieve the password even when the database is locked.
The issue was discovered by a security researcher known as ‘vdohney,’ who published a proof-of-concept tool allowing attackers to extract the KeePass master password from memory as a proof-of-concept (PoC).
Read more at BleepingComputer.
As the article notes, KeePassXC isn’t affected. And KeePassXC works well across both Windows and Linux; I don’t know of a reason not to use it instead of KeePass.