An attacker may be able to read the unencrypted swap space on disk. In this scenario it makes sense to encrypt passwords in memory and store the key in a locked page.

This isn't true anymore.

Newer versions store a SHA-256 hash of the header inside the encrypted XML.

At least KeePass >= 2.20 and KeePassX 2.0 >= alpha3 support this. I haven't checked other implementations.