View attachments without downloading

If anybody reading this has better TypeScript coding skills than I, perhaps using a Node.js compatible image viewer like the following might be a path forward…

 
There may be better options, but this one does have the ability to construct an image object based on data held in memory (which I believe is a pre-requisite for securely viewing image files).

Having used the free version myself and set up family and friends, I wanted to load in license and passport images and saw I could load attachments with the paid version. So far, so good. But everything I find says we have to download the image out of BW to view it and then delete the download off the device. Please tell me there’s a way to display the image in BW without downloading the file to the device’s storage system. Some of the people I turned on to BW are saying it can’t be done and can I find a solution for them. They paid to save attachments and are frustrated. Any solution to not save the image to device storage would be helpful. Thanks in advance.

2 Likes

@Bobr19958 Welcome to the forum! I moved your post into an existing feature request on the same topic.

It’s a shame it has been 7 years since the users have been requesting this feature.

It is such an important feature, both from a security and a privacy perspective.

Moreover, I believe this would only help increase Bitwarden’s revenue, as people would love to use it to store important documents instead of the cloud providers. Even other users have requested more default storage in the Bitwarden cloud, indicating their desire to use it as a personal cloud.

And for the love of god, when this feature is implemented, please support opening PASSWORD PROTECTED PDFs inside Bitwarden.

I really can’t believe it’s been 7 years and this is still not implemented :face_without_mouth:

I discovered Bitwarden some days ago and started migrating my data to it .. unfortunately after subscribing to Premium and uploading some documents, I have seen that there is no way to look at jpgs directly from the app .. and that that feature has been requested for 7 years now .. I feel if such a feature can stay so long without any development, I should not begin to store my documents there .. so sad .. I loved the idea of having important documents in a nice app available from anywhere ..

2 Likes

Not to minimize or invalidate your dissatisfaction, but the implication made above is not fair. To repeat an explanation that I have given previously in this thread, developers did implement inline viewing for certain file types years ago, although there were bugs in some browsers; a fix was released in July 2022, although that fix evidently stopped working at a later date; nonetheless, even recent discussion among the devs indicates that they were still trying to get this to work in 2024, but evidently ran into insurmountable issues with Chrome. So it’s not like this issue has been ignored.

Hello grb, thanks for your answer and your links.
I understand the developers tried to implement the PDF viewer. Maybe it was the most difficult part of the work.
I would love having only at least an image viewer (jpg, png for example). That should be easier as I believe Chrome or other browsers are quite able to show jpg images easily.
I have tried again, on mobile, and if I want to see a screenshot of a document stored in Bitwarden it forces me to download it, and I feel it’s quite a security issue because I need to delete it from my phone after usage (as several users already mentioned). Showing it directly in Bitwarden (maybe when pressing a button) would make image attachments useful.

2 Likes

If concerned about removing an image from your downloads folder, you ought to be equally concerned about removing it from the much-less-visible browser cache.

Do give a vote for this feature if not done so already :slight_smile:

Developers: Go for the low-hanging fruit. If one could view JPG files, that’s probably 80% of what we need. Then work forward from there. But by giving us nothing, it’s very frustrating.

As far as security & caches, almost all of what I want is stuff that’s not super super secret. It’s copies of driver’s license, or Medicare cards, or whatever. I’m not worried about those maybe being in a browser cache.

1 Like

Good point, yes. Maybe if it is implemented at least in the Mobile app, it may be automatically removed once I have seen it. And maybe the web app can force a removal or destruction of the image in cache after usage (when you click to hide the image). And of course it could be an option for users, telling them it may stay in the cache.
To be honest, I don’t store private images that could not go to the browser’s cache, but I feel having to download them in “Files” to see them is quite complicated, and I feel it’s totally useless to keep them in Bitwarden if I need to put them in “Files” or any other tool to view them.

1 Like

Done, I was too young to vote :slight_smile:

1 Like

https://cybersecuritynews.com/bitwarden-pdf-file-handler-vulnerability/amp/

@Gerardv514 While it is true that theoretically, the inline viewing of uploaded files could introduce new risks, the CVE being discussed in the linked article was not properly vetted by the submitter, and does not actually represent a real security vulnerability. The alleged XSS vulnerability in CVE-2025-5138 is equivalent to the issue reported in CVE-2025-45388; a detailed explanation of the latter is available here:

The key take-away from the article is the following passage:

Both Chromium (the basis for Chrome, Edge and many other browsers) and Firefox run the JavaScript embedded in a PDF in a sandbox, which heavily restricts what it has access to - even more so than is allowed conventionally. In both cases, there’s no access to cookies, local storage, or even the network — just the PDF it’s running in. That means, even though there is technically a cross-site scripting vulnerability, executing JavaScript in this context won’t get you anything.

The same applies to the claimed Bitwarden vulnerability in CVE-2025-5138.

Moreover, the Proof-of-Concept for CVE-2025-5138 was not even done using Bitwarden — all tests were done using Vaultwarden (and using a 3-year-old deprecated release, to boot) …

More information is available in these two GitHub issues:

 

Unfortunately, organizations (like VulDB) that publish CVEs do not have the infrastructure to properly vet all submissions, and therefore rely on the submitter to properly investigate the vulnerability and submit an accurate report — something that did not happen here.

Even more regrettable is the fact that cybersecurity publications like CyberSecurityNews exist not to inform their readers, but to publish clickbait that drives traffic and ad revenue. Therefore, they have no incentive to properly investigate and accurately report on potential vulnerabilities; as long as they can reference a source that makes a claim that can be sensationalized, such publications have no incentive to fact-check their sources.

4 Likes
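
As an added illustration of the points raised above about in-memory viewing and the risk of rendering script-capable files inline (this is not Bitwarden's code and not part of any post): a viewer can accept only JPEG and PNG, identified by magic bytes, and hand the decrypted bytes to the browser as a revocable `blob:` URL. All function names and the sample bytes are hypothetical.

```javascript
// Added illustration; not Bitwarden code. All names are hypothetical.
// Allow-list of formats rendered inline, identified by their magic bytes.
const INLINE_TYPES = [
  { mime: "image/jpeg", magic: [0xff, 0xd8, 0xff] },
  { mime: "image/png", magic: [0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a] },
];

// Identify the type from content, never from the file name or a stored MIME type.
function sniffInlineType(bytes) {
  for (const { mime, magic } of INLINE_TYPES) {
    if (bytes.length >= magic.length && magic.every((b, i) => bytes[i] === b)) {
      return mime;
    }
  }
  return null; // PDF, SVG, HTML and anything unknown is not rendered inline
}

// Wrap decrypted attachment bytes in an object URL backed by an in-memory Blob.
// Returns null when the content is not on the allow-list.
function openInline(decryptedBytes) {
  const mime = sniffInlineType(decryptedBytes);
  if (mime === null) return null;
  const blob = new Blob([decryptedBytes], { type: mime }); // Blob copies the bytes
  const url = URL.createObjectURL(blob);
  let closed = false;
  return {
    mime,
    url,
    size: blob.size,
    // Call when the user hides the image.
    close() {
      if (closed) return;
      URL.revokeObjectURL(url); // the blob: URL stops resolving
      decryptedBytes.fill(0);   // wipe the caller's plaintext buffer
      closed = true;            // the Blob's own copy is left to the garbage collector
    },
  };
}

// Constructed sample inputs: just enough header bytes to exercise the sniffing.
const samplePng = Uint8Array.from([0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a, 0, 0, 0, 13]);
const samplePdf = new TextEncoder().encode("%PDF-1.7\n");
const sampleSvg = new TextEncoder().encode("<svg xmlns='http://www.w3.org/2000/svg'/>");
```

In a browser the returned `url` would be assigned to an `<img>` element's `src`, and `close()` called when the user hides the image.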

You know there are screen patterns for some devices. Mobile phones can be manageable because we use them all the time, but I have a Meta Quest VR headset which I don’t use frequently. So, I would love to store its lock pattern in Bitwarden. I am okay even if I can add an image to the notes section. 50MB is enough for every user.

@ffreality With a premium subscription you can already store attachments – all files, including images – to vault items. Therefore, I moved your post into this feature request about being able to “View attachments without downloading” as that seems to be matching your request in essence.

1 Like

I came here from Norton Password Manager. Having attachments is already something, but it would be very nice to be able to view some generic extensions like JPG, PNG, PDF. Actually, having full markdown support in notes would be nice!

That would be another feature request: Add additional formatting options to secure notes (rich / markdown)

Hi Nail1684,
I believe this request has come up a few times over the past years. Has there been any progress or updates on it recently?
For me, this remains a showstopper in being able to fully adopt Bitwarden.