CVE-2026-33472 | Cryptomator up to 1.19.1 Hub API CheckHostTrustController.getAuthority authentication bypass (GHSA-9q8x-whrw-x44p)

A vulnerability, which was classified as problematic, has been found in Cryptomator up to 1.19.1. This affects the function CheckHostTrustController.getAuthority of the component Hub API. Performing a manipulation results in authentication bypass by primary weakness.

This vulnerability is identified as CVE-2026-33472. The attack can be initiated remotely. There is not any exploit available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More