Cryptomator 1.1.4 for Windows, OS X, and Linux fixes two (related) vulnerabilities allowing malicious Flash files being injected into vaults, that can be executed to “bypass” the SOP and access files from a Flash-enabled browser (GitHub Issues 318 & 319). Kudos to Lukas Reschke for reporting them!
This is a companion discussion topic for the original entry at https://cryptomator.org/blog/2016/08/15/release-1.1.4_en.html