With CFB mode encryption attacker can recover part of the plaintext if 2 first bytes of the message block are known.
vulners.com/securityvulns/securityvulns:doc:8085