CVE-2026-11347EPSS p0.1%

CVE-2026-11347CVE-2026-11347

Description

The linqi application contains hardcoded cryptographic keys. Additionally, the application uses a weak algorithm with a limited ASCII charset to dynamically generate Initialization Vectors (IVs) for AES/CBC encryption, making known-plaintext attacks feasible. An attacker with local access can leverage these vulnerabilities to decrypt sensitive obfuscated strings, including ConnectionString values containing database credentials from appsettings.json.

Scoring

EPSS0.07% probability of exploitation · percentile 0.1% · 2026-06-17T12:03:21Z
Last modified2026-06-05

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-11345
CVE
CVE-2026-11346
CVE
CVE-2026-22906
CVE
CVE-2026-5426
CVE
CVE-2025-56577
CVE
CVE-2026-40372
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.