Nice, short read on vulnerabilities in two password managers. (Others seemingly have not been addressed.) Weaknesses like "missing authentication" might raise some hairs.

https://arstechnica.com/security/2026/02/password-managers-promise-that-they-cant-see-your-vaults-isnt-always-true/

Short commercial for the standard Unix password-manager https://www.passwordstore.org/ here. Main advantage in this context is that the actual software is simply combining trusted and tested tools and concepts: pgp, files, git, ssh, pinentry, various tools to further use pass in different applicatios , and not trying to "re-invent". That also has the advantage of the passwordsbeing accessible if the password-store software becomes unusable.

Furthermore it is easier to estimate the achieved level of security, e.g. https://gpg.fail/ (Prectical hint, sequoia-chameleon promises to provide a stand-in replacement for gnupg.)