Regarding a malicious server acting under Bitwarden’s fleet: As I see it, the most vulnerable target would be an organization’s self-hosted Bitwarden server.