1. Amnezia Web UI Code Review Exposes SSL Private Key Storage in Application Database
A code review conducted on May 2, 2026, has identified a P2 security vulnerability in the Amnezia Web UI: SSL private key material is being stored directly in the application database. The SSLSettings schema in schemas.py accepts a key_text parameter and persists it to the settings table, creating a scenario where TLS ...