VYPR

Go modules package

github.com/bitnami-labs/sealed-secrets

pkg:golang/github.com/bitnami-labs/sealed-secrets

Vulnerabilities (1)

  • CVE-2026-22728MedFeb 26, 2026
    affected < 0.36.0fixed 0.36.0

    Bitnami Sealed Secrets is vulnerable to a scope-widening attack during the secret rotation (/v1/rotate) flow. The rotation handler derives the sealing scope for the newly encrypted output from untrusted spec.template.metadata.annotations present in the input SealedSecret. By subm