A critical information disclosure vulnerability in Docusnap, a widely used IT inventory management solution, allows attackers to decrypt sensitive system data collected from Windows hosts.
Designated as CVE-2025-26849, the flaw stems from the use of a static encryption key to protect inventory files, rendering the encryption effectively useless.
https://cybersecuritynews.com/docusnap- ... erability/