Skip to main content

Cryptomator

4 CVEs product

Monthly

CVE-2026-29110 LOW Monitor

Cryptomator encrypts data being stored on cloud infrastructure. Prior to version 1.19.0, in non-debug mode Cryptomator might leak cleartext paths into the log file. This can reveal meta information about the files stored inside a vault at a time, where the actual vault is closed. Not every cleartext path is logged. Only if a filesystem request fails for some reason (e.g. damaged encrypted file,...

Information Disclosure Cryptomator
NVD GitHub VulDB
CVSS 3.1
2.2
EPSS
0.0%
CVE-2023-39520 HIGH POC PATCH This Week

Cryptomator encrypts data being stored on cloud infrastructure. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Cryptomator
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-37907 HIGH POC PATCH This Week

Cryptomator is data encryption software for users who store their files in the cloud. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Cryptomator
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-25366 HIGH This Week

Cryptomator through 1.6.5 allows DYLIB injection because, although it has the flag 0x1000 for Hardened Runtime, it has the com.apple.security.cs.disable-library-validation and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Code Injection Apple Cryptomator
NVD
CVSS 3.1
7.8
EPSS
0.6%
EPSS 0% CVSS 2.2
LOW Monitor

Cryptomator encrypts data being stored on cloud infrastructure. Prior to version 1.19.0, in non-debug mode Cryptomator might leak cleartext paths into the log file. This can reveal meta information about the files stored inside a vault at a time, where the actual vault is closed. Not every cleartext path is logged. Only if a filesystem request fails for some reason (e.g. damaged encrypted file,...

Information Disclosure Cryptomator
NVD GitHub VulDB
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Cryptomator encrypts data being stored on cloud infrastructure. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Cryptomator
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Cryptomator is data encryption software for users who store their files in the cloud. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Cryptomator
NVD GitHub
EPSS 1% CVSS 7.8
HIGH This Week

Cryptomator through 1.6.5 allows DYLIB injection because, although it has the flag 0x1000 for Hardened Runtime, it has the com.apple.security.cs.disable-library-validation and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Code Injection Apple Cryptomator
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy