CVE-2026-32310
Path Traversal in Cryptomator Vault Loader Enables SMB Access
Publication date: 2026-03-20
Last updated on: 2026-03-25
Assigner: GitHub, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cryptomator | cryptomator | From 1.6.0 (inc) to 1.19.0 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-32310 is a vulnerability in Cryptomator versions 1.6.0 through 1.19.0 where the vault configuration is parsed before its integrity is verified. The masterkeyfile loader uses an unverified keyId as a filesystem path without proper validation, allowing it to resolve paths that include parent-directory traversal, absolute local paths, or UNC paths.
This means a malicious vault configuration can specify a masterkeyfile path that escapes the vault directory or points to external locations, such as attacker-controlled network shares. On Windows, this can trigger outbound SMB network access to attacker hosts before the user even enters a passphrase.
The root cause is that the software trusts path-bearing masterkeyfile key identifiers from unverified vault metadata without enforcing containment checks or rejecting absolute or UNC paths, leading to path traversal and external file access.
How can this vulnerability impact me?
This vulnerability can impact users by allowing a malicious vault configuration to cause Cryptomator to access arbitrary files outside the intended vault directory.
- It can trigger outbound SMB network connections to attacker-controlled UNC shares on Windows, potentially leaking NTLM authentication credentials.
- It may expose hostnames and user context to attackers before any passphrase is entered.
- It allows unauthorized access to local files outside the vault root.
- Backup logic may create backups outside the vault due to non-normalized path checks.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for unusual outbound SMB network connections originating from Cryptomator before any user passphrase is entered, especially on Windows systems. Such connections may indicate that the software is resolving and checking external UNC paths specified in a malicious vault configuration.
A proof of concept involves creating or modifying a vault configuration with a masterkeyfile URI pointing to an external path and observing if Cryptomator attempts to access that path before prompting for a passphrase.
On Windows, network monitoring tools or commands can be used to detect outbound SMB connections to suspicious hosts. For example, using PowerShell or command line tools to monitor SMB traffic or network connections:
- Use PowerShell to monitor SMB connections: `Get-SmbConnection`
- Use netstat to check for outbound SMB connections (port 445): `netstat -an | findstr :445`
- Use network packet capture tools like Wireshark or tcpdump to monitor SMB traffic to external hosts.
Additionally, inspecting the vault configuration files for suspicious masterkeyfile URIs containing parent-directory traversal sequences, absolute paths, or UNC paths can help detect attempts to exploit this vulnerability.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include upgrading Cryptomator to version 1.19.1 or later, where the vulnerability has been patched by enforcing masterkey loading only from a fixed filename within the vault directory.
If upgrading is not immediately possible, avoid opening vaults from untrusted sources or with suspicious configurations that may contain malicious masterkeyfile URIs.
Network-level controls can be applied to block outbound SMB connections (port 445) from the system running Cryptomator to prevent leakage of credentials or exposure to attacker-controlled UNC shares.
Review and validate vault configuration files to ensure they do not contain absolute paths, UNC paths, or parent-directory traversal sequences in masterkeyfile key IDs.