You control your private key and that is what is used to vote. Some malware could possibly decrypt and sign with your private key or capture it after you decrypt it in the interval where is clear. But that problem, protecting the private key, is being solved by the cryptocurrency people.
Once your signed transaction with your vote is on the blockchain it can't be hacked. The blockchain is immutable, can't be changed or altered. It is also public, although for privacy, the validation of the vote count would be complicated.
Your BEST case scenario is you have a completely hackable voter database that feeds i
Thats true, although that's registration, not a database. There is no database, but there are addresses of voters that are allocated one vote a piece. If someone impersonates several people and gets several addresses that is a registration problem. Blockchain does not solve that. But keep in mind there is no database to hack. The allocation of credentials to vote is on the blockchain which cannot be hacked.
Who hands out the private keys? How are we verifying they’re going to legitimate voters? They don’t need to capture anything if they can just make voters up.
If you’re handing out private keys it’s a database. There has to be some list of voters that get keys, that list is hackable.