HIGH
KeePass
CVE published 2017-01-23
CVE-2016-5119
CVE-2016-5119 affects KeePass 2.33 and earlier. According to the CVE description and NVD record, the automatic update feature can be abused by a man-in-the-middle attacker who spoofs the version-check response and supplies a crafted update, creating a path to arbitrary code execution. NVD assigns a HIGH severity score of 7.5 and classifies the issue as network-reachable with required user interaction.