I'd guess it's this one:

> KeePassXC also cannot prevent data extraction from a hibernation file which stores your computer's memory to disk when going to sleep.

KeePass uses DPAPI so password-storage memory is not written to swap (and I guess hibernatefile) in cleartext. Note that this doesn't protect against reading the memory directly[0].

Though (on unices) it doesn't mention mlock(2) either.

[0] https://www.securityevaluators.com/casestudies/password-mana... subsection "Exposure of Cleartext Entries in Memory" of the Keepass section