PT-2026-23736 · Cryptomator · Cryptomator

Infe0

·

Publicado

2026-03-06

·

Atualizado

2026-03-06

·

CVE-2026-29110

CVSS v3.1

5.3

Média

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions Cryptomator versions prior to 1.19.0
Description Cryptomator encrypts data stored on cloud infrastructure. Before version 1.19.0, in non-debug mode, Cryptomator could log cleartext file paths. This could reveal metadata about files within a vault when the vault is closed. Cleartext paths are only logged if a filesystem request fails, such as when an encrypted file is damaged or does not exist.
Recommendations Update to version 1.19.0 or later.

Exploit

Correção

Generation of Error Message Containing Sensitive Information

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-209

Identificadores relacionados

CVE-2026-29110
GHSA-J83J-MWHC-RCGW

Produtos afetados

Cryptomator