VYPR

Maven package

io.github.davidalmeidac/sealed-env-core

pkg:maven/io.github.davidalmeidac/sealed-env-core

Vulnerabilities (1)

  • CVE-2026-45091CriMay 12, 2026
    affected < 0.1.0-alpha.4fixed 0.1.0-alpha.4

    sealed-env is a cross-stack, zero-trust secret management library for Node.js and Java/Spring Boot. In sealed-env enterprise mode, versions 0.1.0-alpha.1 through 0.1.0-alpha.3 embedded the operator's literal TOTP secret in the JWS payload of every minted unseal token. JWS payload