Password Manager Infrastructure in the Wild: Surveying Prevalence, Internet Footprint, and Exposure

Censys ARC scanned the Internet exposure of five password managers and found ~31,000 web-accessible instances (Vaultwarden ~62%). The study details geographic and hosting concentration, version skew, and identifies two critical Vaultwarden server vulnerabilities (CVE-2024-55224 and CVE-2024-55225) that potentially affect ~1,700 hosts, emphasizes the risks of public-facing vaults and misconfiguration, and notes overall patching behavior where the majority of instances appear relatively current.