These has been a security audit, ordered by the french ANSSI (French government IT Security agency). This audit resulted in a "CSPN" certificate, which basically means that 35 days were spent by a competent auditor (Thales), and no important vulnerabilities were found in KeePass 2.0 Portable.

Report: http://www.ssi.gouv.fr/uploads/IMG/cspn/anssi-cspn_2010-07fr...