CVE-2026-32303
Integrity Check Bypass in Cryptomator Vault Enables MITM Attack
Publication date: 2026-03-20
Last updated on: 2026-03-26
Assigner: GitHub, Inc.
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cryptomator | cryptomator | all versions before 1.19.1 (1.19.1 itself is not affected) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-354 | The product does not validate or incorrectly validates the integrity check values or "checksums" of a message. This may prevent it from detecting if the data has been modified or corrupted in transmission. |
| CWE-451 | The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks. |
| CWE-923 | The product establishes a communication channel to (or from) an endpoint for privileged or protected operations, but it does not properly ensure that it is communicating with the correct endpoint. |
| CWE-346 | The product does not properly verify that the source of data or communication is valid. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-32303 affects Cryptomator versions before 1.19.1. The vault configuration file (vault.cryptomator) tells the client where the Cryptomator Hub endpoints are, and for Hub-backed vaults the client used those endpoints during Hub key loading without the file's integrity having been verified (CWE-354) and without checking that it was talking to a host it should trust (CWE-923, CWE-346). An attacker who can modify vault.cryptomator, for example on shared or synchronized storage, can therefore leave the legitimate authentication endpoints in place and swap in malicious API endpoints: the user signs in at the real identity provider, and the client then presents the resulting token to the attacker's host. The result is a man-in-the-middle position, obtained through the configuration file rather than the network, that exfiltrates the token when a Hub-backed vault is unlocked.
Version 1.19.1 fixes this with a Trust On First Use (TOFU) check for Hub hosts at unlock, which asks the user to explicitly approve a host the client has not seen before, and with a configurable hostname allowlist for deployments that want to pin the permitted Hub hosts centrally.
How can this vulnerability impact me?
This vulnerability lets an attacker who can alter the vault configuration file perform a man-in-the-middle attack on the client's communication with the Cryptomator Hub API: by mixing legitimate authentication endpoints with malicious ones, they can exfiltrate authentication tokens.
A stolen token could allow unauthorized access to the user's vault or related services, compromising confidentiality. The vault contents themselves remain protected by Cryptomator's end-to-end encryption.
The vulnerability is rated high severity with a CVSS score of 7.6: it requires low privileges and user interaction, but the scope changes and the confidentiality impact is high. [4]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
To mitigate CVE-2026-32303, upgrade Cryptomator to version 1.19.1 or later, where the issue is fixed. Then:
- When the Trust On First Use (TOFU) prompt appears at vault unlock, approve a Hub host only if it is the one your organization actually uses; a prompt for a host you have already been unlocking against means the vault configuration has changed and should be investigated.
- For centrally managed deployments, configure an explicit hostname allowlist via system properties so the client only connects to your trusted Hub hosts, regardless of what a vault file says.
- Protect the integrity of vault.cryptomator by enforcing strict file permissions and keeping it on trusted synchronization or storage paths, since the attack requires write access to that file.
- If you cannot upgrade immediately, restrict outbound network access so the client can only reach trusted Hub hosts.
The 1.19.1 update also disallows unencrypted HTTP connections to the Cryptomator Hub by default, further reducing exposure to interception.
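The endpoint mixing described in the Q&A above and the allowlist and HTTPS requirements in the mitigation steps can be checked before a vault is ever unlocked. The following script is an added example written for this page, not Cryptomator's own code: it reads the unverified JWT header of a vault.cryptomator file, pulls out the Hub endpoint URLs, and flags any that are not HTTPS or not on a hostname allowlist. It assumes (not stated on this page) that the Hub configuration lives in the JWT header under a "hub" object with the fields authEndpoint, tokenEndpoint, apiBaseUrl and devicesResourceUrl; check those names against your own vault files. The sample vault configurations, hosts and the dummy signature are constructed for the demonstration.

```python
"""Pre-unlock audit of a Cryptomator Hub vault configuration (vault.cryptomator).

Added example, not code from Cryptomator. ASSUMPTIONS: vault.cryptomator is a
compact JWT whose header carries a "hub" object with the URL fields listed in
HUB_URL_FIELDS; verify the field names against your own vault files.
"""
import base64
import json
from urllib.parse import urlsplit

# Endpoint fields to audit (ASSUMED names, see module docstring).
HUB_URL_FIELDS = ("authEndpoint", "tokenEndpoint", "apiBaseUrl", "devicesResourceUrl")


def _b64url_decode(data: str) -> bytes:
    """base64url without padding, as used in JWT segments."""
    return base64.urlsafe_b64decode(data + "=" * (-len(data) % 4))


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def parse_hub_config(vault_cfg: str) -> dict:
    """Return the 'hub' object from the JWT header of a vault.cryptomator file.

    The signature is intentionally not checked here: for a Hub vault the key that
    would verify it is only available after the Hub key has been loaded, so the
    client reads these endpoints unverified. That is why they need an allowlist.
    """
    parts = vault_cfg.strip().split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    header = json.loads(_b64url_decode(parts[0]))
    hub = header.get("hub")
    if not isinstance(hub, dict):
        raise ValueError("JWT header has no 'hub' object; not a Hub-backed vault?")
    return hub


def audit_hub_config(hub: dict, allowed_hosts: set) -> list:
    """Return findings for the hub object; an empty list means it passes."""
    findings = []
    hosts = {}
    for field in HUB_URL_FIELDS:
        url = hub.get(field)
        if not url:
            findings.append(f"{field}: missing")
            continue
        url_parts = urlsplit(url)
        host = (url_parts.hostname or "").lower()
        hosts[field] = host
        if url_parts.scheme != "https":
            findings.append(f"{field}: plaintext or unknown scheme {url_parts.scheme!r} in {url}")
        if host not in allowed_hosts:
            findings.append(f"{field}: host {host!r} is not in the allowlist")
    if len(set(hosts.values())) > 1:
        # Informational: a separate identity-provider host can be legitimate, but
        # real auth endpoints plus a foreign API endpoint is the shape of the attack.
        findings.append("warning: endpoints span several hosts: "
                        + ", ".join(f"{k}={v}" for k, v in hosts.items()))
    return findings


def make_sample_config(hub: dict) -> str:
    """Build a CONSTRUCTED vault.cryptomator-style JWT with a dummy signature."""
    header = {"typ": "JWT", "alg": "HS256", "hub": hub}
    payload = {"format": 8, "cipherCombo": "SIV_GCM", "shorteningThreshold": 220}
    segments = [_b64url_encode(json.dumps(x, separators=(",", ":")).encode())
                for x in (header, payload)]
    return ".".join(segments + [_b64url_encode(b"signature-not-valid")])


# Constructed sample data: hub.example.org stands in for the deployment's real Hub.
ALLOWED_HOSTS = {"hub.example.org"}
LEGIT_HUB = {
    "clientId": "cryptomator",
    "authEndpoint": "https://hub.example.org/kc/realms/cryptomator/protocol/openid-connect/auth",
    "tokenEndpoint": "https://hub.example.org/kc/realms/cryptomator/protocol/openid-connect/token",
    "apiBaseUrl": "https://hub.example.org/api/",
    "devicesResourceUrl": "https://hub.example.org/api/devices/",
}
# Tampered copy: auth endpoints untouched so the login still succeeds, API endpoints
# redirected so the client hands the fresh token to the attacker.
TAMPERED_HUB = dict(LEGIT_HUB,
                    apiBaseUrl="https://hub.example.org.evil.test/api/",
                    devicesResourceUrl="http://hub-devices.evil.test/api/devices/")

if __name__ == "__main__":
    for label, hub in (("legitimate", LEGIT_HUB), ("tampered", TAMPERED_HUB)):
        findings = audit_hub_config(parse_hub_config(make_sample_config(hub)), ALLOWED_HOSTS)
        print(f"{label}: {'OK' if not findings else ''}")
        for finding in findings:
            print("  -", finding)
```

Run it against the file exported from a real vault by passing the file contents to parse_hub_config and your own host set to audit_hub_config. The allowlist is the control that matters: the tampered sample passes the scheme check on its API URL and still uses the genuine authentication endpoints, so only the host comparison catches the redirected API host, which is the same reason 1.19.1 pairs TOFU with an allowlist rather than relying on the file's contents.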