CVE-2026-2103

Name of the Vulnerable Software and Affected Versions Infor SyteLine ERP (affected versions not specified)

Description The software utilizes hard-coded, static cryptographic keys for encrypting stored credentials, including user passwords, database connection strings, and API keys. These encryption keys are consistent across all installations. An attacker gaining access to the application binary and database can decrypt all stored credentials. This impacts all installations of the software, as the keys are universal.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.