An issue in hMailServer v.5.8.6 allows a local attacker to obtain sensitive information via the hmailserver/installation/hMailServerInnoExtension.iss and hMailServer.ini components.
https://github.com/mojibake-dev/mojibake-CVE/blob/main/hMailServer/CVE-2025-52372.md