Dear Tails developers,
The current version of Electrum in Tails (2.7) has an attack vector via
open RPC with password-less wallets.
Because Tails has encrypted persistence, many users are likely to use
Electrum on Tails without password protection.
For more information, see here:
https://github.com/spesmilo/electrum-docs/blob/master/cve.rst
Fix: update the Electrum version to the current tarball on the download
page (3.0.6).
Best regards and respect for your continued efforts,
Amir