Is it even safe to use browser-integrated password managers? I think they're so much easier to use than external solutions such as KeepassXC, but if it's so easy to decrypt their databases...
Why is this surprising and why do you expect the situation with external password managers to be different? If you can decrypt it other software running on your computer can too.
A password manager integrated with the browser could be compromised by a vulnerability in the browser as well exploited by something running within the browser.