Vaultwarden update out as of ~15 minutes ago, includes security updates.
It says “unconfirmed owner can purge entire organization vault”. That seems probably not great, so updating is probably a good idea.
Updated mine, but, realistically, I don’t think most of us are directly exposing our VaultWarden instances to the internet … I can’t imagine I’m all that weird by only exposing it over VPN for remote use.
I have it exposed with a 2FA it seems fairly safe.
Isn’t that there point though? Remote synchronizing?
That’s why most use a VPN.
True! Good and relative safe on my Tailscale network. The only thing I`m brave enough to expose to the big and scary internet/botnet is my little Pi running Headscale, and I’ve put that on a separate network.
Keep em frosty people
