A static initialization vector (IV) in the encrypt function of netbird v0.28.4 allows attackers to obtain sensitive information.