Find real vulnerabilities before they ship
Vulnerability Database › maven › CVE-2025-22228
BCryptPasswordEncoder.matches(CharSequence,String) will incorrectly return true for passwords larger than 72 characters as long as the first 72 characters are the same.
Base Score