CVE-2026-32318— Cryptomator for IOS: Tampered vault configuration allows MITM attack on Hub API
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-32318
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cryptomator for IOS: Tampered vault configuration allows MITM attack on Hub API
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cryptomator for IOS offers multi-platform transparent client-side encryption for files in the cloud. Prior to version 2.8.3, an integrity check vulnerability allows an attacker tamper with the vault configuration file leading to a man-in-the-middle vulnerability in Hub key loading mechanism. Before this fix, the client trusted endpoints from the vault config without host authenticity checks, which could allow token exfiltration by mixing a legitimate auth endpoint with a malicious API endpoint. Impacted are users unlocking Hub-backed vaults with affected client versions in environments where an attacker can alter the vault.cryptomator file. This issue has been patched in version 2.8.3.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
源验证错误
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cryptomator 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cryptomator是Cryptomator社区的一个简单的数字自卫工具。 Cryptomator 2.8.3之前版本存在安全漏洞,该漏洞源于在IOS系统中完整性检查不足,可能导致中间人攻击和令牌泄露。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| cryptomator | ios | < 2.8.3 | - |
II. Public POCs for CVE-2026-32318
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-32318
请登录查看更多情报信息。
- Release 2.8.3 · cryptomator/ios · GitHubx_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2026-32318
Same Patch Batch · cryptomator · 2026-03-20 · 5 CVEs total
| CVE-2026-32303 | 7.6 HIGH | Cryptomator: Tampered vault configuration allows MITM attack on Hub API |
| CVE-2026-32317 | 7.6 HIGH | Cryptomator for Android: Tampered vault configuration allows MITM attack on Hub API |
| CVE-2026-32310 | 4.1 MEDIUM | Cryptomator: Unverified masterkeyfile key IDs can access arbitrary local or UNC paths |
| CVE-2026-32309 | Cryptomator: Hub unlocking accepts plaintext HTTP and unvalidated endpoint schemes |
IV. Related Vulnerabilities
Same vendor: cryptomator
- CVE-2026-33472
Cryptomator Hub OAuth token exchange HTTP downgrade via getA - CVE-2026-32317
Cryptomator for Android: Tampered vault configuration allows - CVE-2026-32310
Cryptomator: Unverified masterkeyfile key IDs can access arb - CVE-2026-32309
Cryptomator: Hub unlocking accepts plaintext HTTP and unvali - CVE-2026-32303
Cryptomator: Tampered vault configuration allows MITM attack
Same weakness: CWE-346
- CVE-2026-6508
RCE in TUBITAK BILGEM's Liderahenk - CVE-2026-43870
Apache Thrift: Node.js web_server.js multi-vulnerability - CVE-2026-7439
AgentFlow Local Web API Content-Type Validation Bypass - CVE-2026-41398
OpenClaw - Unauthorized Agent Request Dispatch via Untrusted - CVE-2026-41393
OpenClaw < 2026.3.31 - Arbitrary DNS Authority Acceptance an
V. Comments for CVE-2026-32318
No comments yet