That's standard for all password managers IIRC. If they can get your into your vault without your master secret then it is a bad password manager.
What has happened to some password managers though is that they don't store the metadata encrypted (like username, website name, etc.) so that leaks have revealed which sites you use but I don't think any decent password manager has leaked passwords without a client being hacked, right?
What has happened to some password managers though is that they don't store the metadata encrypted (like username, website name, etc.) so that leaks have revealed which sites you use but I don't think any decent password manager has leaked passwords without a client being hacked, right?