PT-2026-26659 · Cryptomator · Cryptomator For Android

Published 2026-03-20 · Updated 2026-03-22 · CVE-2026-32317

CVSS v3.1: 7.6 High

Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Cryptomator for Android versions prior to 1.12.3

Description

Cryptomator for Android provides client-side encryption for files in the cloud. A flaw in integrity checks allows tampering with the vault configuration file, potentially leading to a man-in-the-middle attack during the Hub key loading process. Specifically, the client previously trusted endpoints from the vault configuration without verifying host authenticity. This could allow an attacker to exfiltrate tokens by substituting a legitimate authentication endpoint with a malicious API endpoint. The issue impacts users unlocking Hub-backed vaults in environments where an attacker can modify the vault.cryptomator file.

Recommendations

Update to version 1.12.3 or later.
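
The origin check that the description says was missing can be sketched as follows. This is an added illustration, not Cryptomator's code or its actual fix; the field names, the sample hosts and the set of approved origins stored on the device outside the vault are all assumptions.

```python
from urllib.parse import urlsplit

# Assumed field names for the endpoints carried in the vault configuration.
ENDPOINT_FIELDS = ("authEndpoint", "tokenEndpoint", "apiBaseUrl")

class UntrustedEndpoint(ValueError):
    """An endpoint read from the vault configuration failed origin validation."""

def origin(url):
    """Return (scheme, host, port) for an https URL; reject ambiguous forms."""
    try:
        parts = urlsplit(url)
        port = parts.port
    except ValueError:
        raise UntrustedEndpoint(f"malformed URL: {url!r}") from None
    if parts.scheme != "https":
        raise UntrustedEndpoint(f"not https: {url!r}")
    if parts.username is not None or parts.password is not None:
        # userinfo lets a URL display one host while connecting to another
        raise UntrustedEndpoint(f"userinfo not allowed: {url!r}")
    if not parts.hostname:
        raise UntrustedEndpoint(f"no host: {url!r}")
    return ("https", parts.hostname, 443 if port is None else port)

def validate_hub_endpoints(config, trusted_origins):
    """Return the endpoint URLs only if every one has a trusted origin."""
    checked = {}
    for field in ENDPOINT_FIELDS:
        url = config.get(field)
        if not isinstance(url, str):
            raise UntrustedEndpoint(f"missing or non-string field: {field}")
        if origin(url) not in trusted_origins:
            raise UntrustedEndpoint(f"{field} has untrusted origin: {url!r}")
        checked[field] = url
    return checked

def is_safe_to_unlock(config, trusted_origins):
    try:
        validate_hub_endpoints(config, trusted_origins)
    except UntrustedEndpoint:
        return False
    return True

# Constructed sample data: approved origins live outside the vault.
TRUSTED = {("https", "hub.example.org", 443), ("https", "auth.example.org", 443)}
GOOD = {"authEndpoint": "https://auth.example.org/auth",
        "tokenEndpoint": "https://auth.example.org/token",
        "apiBaseUrl": "https://hub.example.org/api/"}
TAMPERED = dict(GOOD, apiBaseUrl="https://hub.example.org.other.example.net/api/")
```

The comparison is on the full parsed origin rather than a string prefix, so a look-alike host such as the one in `TAMPERED` is rejected before any token request is built.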

Exploit

Fix

Weakness Enumeration

UI Misrepresentation of Critical Information
Origin Validation Error

Related Identifiers

CVE-2026-32317
GHSA-876Q-Q3MM-FCVJ

Affected Products

Cryptomator For Android