The issue **"Add any depot to your app and access its contents without decryption key via /apps/setcommonredists"** allows attackers to bypass encryption requirements, accessing restricted data within a desktop application. This vulnerability risks unauthorized data exposure and distribution, undermining application security controls for protected content.
https://hackerone.com/reports/1018368