Kaspersky Password Manager
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Kaspersky Password Manager.
By the Year
In 2026 there have been 0 vulnerabilities in Kaspersky Password Manager. Password Manager did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 1 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 2 | 7.65 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 1 | 0.00 |
It may take a day or so for new Password Manager vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Kaspersky Password Manager Security Vulnerabilities
Local User Can Dump Kaspersky Password Manager Chrome Extension Credentials
CVE-2023-23349
- March 22, 2024
Kaspersky has fixed a security issue in Kaspersky Password Manager (KPM) for Windows that allowed a local user to recover the auto-filled credentials from a memory dump when the KPM extension for Google Chrome is used. To exploit the issue, an attacker must trick a user into visiting a login form of a website with the saved credentials, and the KPM extension must autofill these credentials. The attacker must then launch a malware module to steal those specific credentials.
A component in Kaspersky Password Manager could
CVE-2021-35052
7.8 - High
- November 23, 2021
A component in Kaspersky Password Manager could allow an attacker to elevate a process Integrity level from Medium to High.
Improper Privilege Management
Password generator feature in Kaspersky Password Manager was not completely cryptographically strong and potentially
CVE-2020-27020
7.5 - High
- May 14, 2021
Password generator feature in Kaspersky Password Manager was not completely cryptographically strong and potentially allowed an attacker to predict generated passwords in some cases. An attacker would need to know some additional information (for example, time of password generation).
Inadequate Encryption Strength
Unauthorized code execution
CVE-2018-6306
- April 19, 2018
Unauthorized code execution from specific DLL and is known as DLL Hijacking attack in Kaspersky Password Manager versions before 8.0.6.538.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Kaspersky Password Manager or by Kaspersky? Click the Watch button to subscribe.
