Unrated severityNVD Advisory· Published Feb 6, 2026· Updated Feb 6, 2026

Use of Hard-Coded Cryptographic Key for Password Storage

CVE-2026-2103

Description

Infor SyteLine ERP uses hard-coded static cryptographic keys to encrypt stored credentials, including user passwords, database connection strings, and API keys. The encryption keys are identical across all installations. An attacker with access to the application binary and database can decrypt all stored credentials.

Affected products

Infor/SyteLine ERPllm-create
Infor/SyteLine ERPv5
Range: 10.0.8803.16889

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

blog.blacklanternsecurity.com/p/cve-2026-2103-infor-syteline-erpmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000