Loading market data...
← Back to CVE feed

CVE-2026-11347

UNKNOWN View on NVD ↗

Description

The linqi application contains hardcoded cryptographic keys. Additionally, the application uses a weak algorithm with a limited ASCII charset to dynamically generate Initialization Vectors (IVs) for AES/CBC encryption, making known-plaintext attacks feasible. An attacker with local access can leverage these vulnerabilities to decrypt sensitive obfuscated strings, including ConnectionString values containing database credentials from appsettings.json.

Published: Jun 05, 2026 11:16 UTC Modified: Jun 05, 2026 16:07 UTC