[hleszek]

you can see them in the report at the bottom, but I counted four. See my post above.

[OutOfHere]

No matter how compromised a server gets, ideally the client should never be able to provide it unencrypted data, or data is encrypted in a way such that the server can decrypt it. It is unclear if Bitwarden has fixed this core issue or not.