Ok I found the TU Darmstadt paper that initially disclosed the flaws. TL;DR uses hashing to implement a (bad) private set intersection protocol, and it's trivially vulnerable to brute-force dictionary attacks.
Apple has known since 2019 and didn’t fix it! https://www.usenix.org/system/files/sec21-heinrich.pdf