CVE-2026-29110 — LOW (2.2) — White Hats Nepal

Q: How severe is CVE-2026-29110?

CVE-2026-29110 has been rated LOW with a CVSS base score of 2.2/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2026-29110?

Check the references section above for vendor advisories and patch information. Affected products include: Cryptomator Cryptomator.

Vulnerability Description

Cryptomator encrypts data being stored on cloud infrastructure. Prior to version 1.19.0, in non-debug mode Cryptomator might leak cleartext paths into the log file. This can reveal meta information about the files stored inside a vault at a time, where the actual vault is closed. Not every cleartext path is logged. Only if a filesystem request fails for some reason (e.g. damaged encrypted file, not existing file), a log message is created. This issue has been patched in version 1.19.0.

CVSS Score

2.2

LOW

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Cryptomator	Cryptomator	< 1.19.0

Related Weaknesses (CWE)

CWE-209

References

https://github.com/cryptomator/cryptomator/security/advisories/GHSA-j83j-mwhc-rcMitigationVendor Advisory

FAQ

What is CVE-2026-29110?

CVE-2026-29110 is a vulnerability with a CVSS score of 2.2 (LOW). Cryptomator encrypts data being stored on cloud infrastructure. Prior to version 1.19.0, in non-debug mode Cryptomator might leak cleartext paths into the log file. This can reveal meta information ab...

How severe is CVE-2026-29110?

CVE-2026-29110 has been rated LOW with a CVSS base score of 2.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-29110?

Check the references section above for vendor advisories and patch information. Affected products include: Cryptomator Cryptomator.