Hashicorp CVE-2026-32303

EUVD-2026-13746, HIGH
Origin Validation Error (CWE-346)
2026-03-20 GitHub_M
CVSS 3.1: 7.6

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Changed
Confidentiality: High
Integrity: Low
Availability: None

Lifecycle Timeline

Analysis Updated: Apr 16, 2026 - 06:19, EUVD-patch-fix (executive_summary)
Re-analysis Queued: Apr 16, 2026 - 05:29, backfill_euvd_patch (patch_released)
Patch available: Apr 16, 2026 - 05:29, EUVD (1.19.1)
EUVD ID Assigned: Mar 20, 2026 - 18:15, euvd (EUVD-2026-13746)
Analysis Generated: Mar 20, 2026 - 18:15, vuln.today
CVE Published: Mar 20, 2026 - 17:57, nvd (HIGH 7.6)

Description (NVD)

Cryptomator encrypts data being stored on cloud infrastructure. Prior to version 1.19.1, an integrity check vulnerability allows an attacker to tamper with the vault configuration file, leading to a man-in-the-middle vulnerability in the Hub key loading mechanism. Before this fix, the client trusted endpoints from the vault config without host authenticity checks, which could allow token exfiltration by mixing a legitimate auth endpoint with a malicious API endpoint. Impacted are users unlocking Hub-backed vaults with affected client versions in environments where an attacker can alter the vault.cryptomator file. This issue has been patched in version 1.19.1.

Analysis (AI)

Cryptomator versions prior to 1.19.1 contain an integrity check vulnerability that allows attackers to tamper with the vault.cryptomator configuration file, enabling man-in-the-middle attacks during Hub key loading. Attackers can mix legitimate authentication endpoints with malicious API endpoints to exfiltrate access tokens from users unlocking Hub-backed vaults in environments where vault configuration files can be modified. …

Remediation (AI)

Within 24 hours: Inventory all Cryptomator deployments and identify instances running versions prior to 1.19.1. Within 7 days: Deploy Cryptomator 1.19.1 or later across all affected systems; verify vault configuration files are protected against unauthorized modification with appropriate file system permissions. …
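
As a complement to patching, the mixed-endpoint condition in the description can be audited by listing every URL in a vault.cryptomator file and flagging hosts outside an operator-defined allowlist. This is an added example, not Cryptomator's code or its fix; it assumes the file is a JWT-style token whose header or payload JSON carries the Hub endpoint URLs, and the field names and hosts in the sample are constructed.

```python
import base64
import json
from urllib.parse import urlsplit


def _decode_segment(segment: str) -> dict:
    """Base64url-decode one token segment into JSON (no signature check)."""
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def _collect_urls(node, path=""):
    """Yield (json_path, url) for every URL-valued string in a JSON tree."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield from _collect_urls(value, f"{path}.{key}" if path else key)
    elif isinstance(node, list):
        for i, value in enumerate(node):
            yield from _collect_urls(value, f"{path}[{i}]")
    elif isinstance(node, str) and "://" in node:
        yield path, node


def audit_vault_config(token: str, trusted_hosts: set) -> list:
    """Return findings for endpoints that are not HTTPS or not on a trusted host."""
    header_b64, payload_b64, _signature = token.strip().split(".")
    findings = []
    for segment in (header_b64, payload_b64):
        for path, url in _collect_urls(_decode_segment(segment)):
            parts = urlsplit(url)
            if parts.scheme != "https":
                findings.append((path, url, "not HTTPS"))
            elif (parts.hostname or "").lower() not in trusted_hosts:
                findings.append((path, url, "untrusted host"))
    return findings


def make_sample(hub: dict) -> str:
    """Build a constructed, unsigned token for demonstration only."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return ".".join([enc({"typ": "JWT", "hub": hub}), enc({"format": 8}), "c2ln"])


# Constructed samples (assumed field names): one mixes a legitimate auth
# endpoint with a foreign API endpoint, the other keeps both on one host.
TAMPERED = make_sample({"authEndpoint": "https://hub.example.org/auth",
                        "apiBaseUrl": "https://api.attacker.example/api/"})
CLEAN = make_sample({"authEndpoint": "https://hub.example.org/auth",
                     "apiBaseUrl": "https://hub.example.org/api/"})
```

Run `audit_vault_config` over the token read from each vault's vault.cryptomator file, with `trusted_hosts` set to the Hub hostnames your organization actually operates; any finding means the file should be investigated before the vault is unlocked.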
