CVE-2026-32303
Received Received - Intake
Integrity Check Bypass in Cryptomator Vault Enables MITM Attack

Publication date: 2026-03-20

Last updated on: 2026-03-26

Assigner: GitHub, Inc.

Description
Cryptomator encrypts data being stored on cloud infrastructure. Prior to version 1.19.1, an integrity check vulnerability allows an attacker to tamper with the vault configuration file leading to a man-in-the-middle vulnerability in Hub key loading mechanism. Before this fix, the client trusted endpoints from the vault config without host authenticity checks, which could allow token exfiltration by mixing a legitimate auth endpoint with a malicious API endpoint. Impacted are users unlocking Hub-backed vaults with affected client versions in environments where an attacker can alter the vault.cryptomator file. This issue has been patched in version 1.19.1.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-20
Last Modified
2026-03-26
Generated
2026-06-16
AI Q&A
2026-03-20
EPSS Evaluated
2026-06-14
NVD
CVE-2026-32303
EUVD
EUVD-2026-13746
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
cryptomator cryptomator to 1.19.1 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-451 The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks.
CWE-346 The product does not properly verify that the source of data or communication is valid.
CWE-923 The product establishes a communication channel to (or from) an endpoint for privileged or protected operations, but it does not properly ensure that it is communicating with the correct endpoint.
CWE-354 The product does not validate or incorrectly validates the integrity check values or "checksums" of a message. This may prevent it from detecting if the data has been modified or corrupted in transmission.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-32303 is a vulnerability in Cryptomator versions prior to 1.19.1 where an integrity check flaw in the vault configuration file allows an attacker to tamper with it. This tampering can lead to a man-in-the-middle (MITM) attack during the Hub key loading process. The client trusted endpoints specified in the vault configuration without verifying host authenticity, which means an attacker who can modify the vault.cryptomator file could mix legitimate authentication endpoints with malicious API endpoints. This could result in token exfiltration when unlocking Hub-backed vaults.

The vulnerability arises because the client did not perform host authenticity checks before connecting to endpoints, allowing attackers to intercept or manipulate communications. The issue was fixed in version 1.19.1 by introducing a Trust On First Use (TOFU) mechanism that requires explicit user approval for untrusted hosts and by implementing a configurable hostname allowlist.

Impact Analysis

[{'type': 'paragraph', 'content': 'This vulnerability can impact users by enabling attackers to perform man-in-the-middle attacks on the Cryptomator Hub API communications. Specifically, if an attacker can alter the vault configuration file, they can mix legitimate authentication endpoints with malicious ones, potentially leading to the exfiltration of authentication tokens.'}, {'type': 'paragraph', 'content': "Such token exfiltration could allow unauthorized access to the user's vault or related services, compromising confidentiality. However, Cryptomator's end-to-end encryption ensures that the vault data itself remains secure despite this vulnerability."}, {'type': 'paragraph', 'content': 'The vulnerability has a high severity with a CVSS score of 7.6, indicating a significant risk if exploited. It requires low privileges and user interaction but can lead to a change in scope and high confidentiality impact.'}] [4]

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

To mitigate the CVE-2026-32303 vulnerability, you should immediately upgrade Cryptomator to version 1.19.1 or later, where the issue has been patched.

  • Apply the Trust-On-First-Use (TOFU) host verification mechanism during vault unlock to ensure explicit user approval of hosts.
  • Configure an explicit hostname allowlist via system properties for centralized deployments to restrict connections to trusted Hub hosts.
  • Restrict outbound network access so the client only communicates with trusted Hub hosts if you cannot upgrade immediately.
  • Protect the vault configuration file (vault.cryptomator) integrity by enforcing strict file permissions and using trusted synchronization or storage paths.

Additionally, the update disallows unencrypted HTTP connections to the Cryptomator Hub by default, further reducing risk.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-32303. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart