{"vulnerability": "cve-2026-4509", "sightings": [{"uuid": "86662b27-ce6f-4201-9041-0163b50a31a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4509", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mhkkrfih4y2n", "content": "", "creation_timestamp": "2026-03-21T07:59:35.886176Z"}, {"uuid": "b61a14a6-c5aa-4d45-b16b-62a7b04d04a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45091", "type": "seen", "source": "https://gist.github.com/alon710/001644e5a9eb201b408c3975d7ef4c5c", "content": "# CVE-2026-45091: CVE-2026-45091: Cleartext TOTP Secret Exposure in sealed-env JWS Tokens\n\n> **CVSS Score:** 9.1\n> **Published:** 2026-05-12\n> **Full Report:** https://cvereports.com/reports/CVE-2026-45091\n\n## Summary\nThe sealed-env library incorrectly embeds operator TOTP secrets in the unencrypted Base64-encoded payload of minted JWS tokens, allowing unauthenticated attackers to extract credentials and bypass multi-factor authentication controls.\n\n## TL;DR\nVersions 0.1.0-alpha.1 through 0.1.0-alpha.3 of the sealed-env library suffer from a critical flaw where JWS token payloads contain plaintext TOTP secrets, facilitating trivial MFA bypasses.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CVSS Score**: 9.1 (CRITICAL)\n- **Attack Vector**: Network\n- **CWE ID**: CWE-200, CWE-522\n- **Privileges Required**: None\n- **Affected Versions**: 0.1.0-alpha.1 - 0.1.0-alpha.3\n- **CISA KEV**: Not Listed\n\n## Affected Systems\n\n- sealed-env Node.js SDK\n- sealed-env Java Spring Boot integration\n- **sealed-env**: >= 0.1.0-alpha.1, <= 0.1.0-alpha.3 (Fixed in: `0.1.0-alpha.4`)\n\n## Mitigation\n\n- Upgrade the sealed-env library to version 0.1.0-alpha.4.\n- Rotate all TOTP secrets for operator accounts.\n- Purge CI/CD logs, container dumps, and monitoring systems containing legacy unseal tokens.\n\n**Remediation Steps:**\n1. Identify all Node.js and Java Spring Boot applications running sealed-env versions 0.1.0-alpha.1 through 0.1.0-alpha.3.\n2. Update dependencies in package.json or pom.xml/build.gradle to target sealed-env version 0.1.0-alpha.4.\n3. Deploy the updated application to production environments.\n4. Access the sealed-env administrative interface and invalidate all existing operator TOTP configurations.\n5. Require operators to register new TOTP credentials.\n6. Search centralized logging systems and CI/CD pipelines for existing JWS tokens and delete the offending records.\n\n## References\n\n- [GHSA Advisory](https://github.com/davidalmeidac/sealed-env/security/advisories/GHSA-x3r2-fj3r-g5mv)\n- [NVD Entry](https://nvd.nist.gov/vuln/detail/CVE-2026-45091)\n- [CVE Record](https://www.cve.org/CVERecord?id=CVE-2026-45091)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-45091) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-05-12T16:10:29.000000Z"}, {"uuid": "1ee97780-dc8b-443c-afa8-37cdc374201f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45091", "type": "published-proof-of-concept", "source": "Telegram/mjKYtwBGh-p48w8zvyK_dmOaa4JWuY9k0ugNTHKD_EJnGeA", "content": "", "creation_timestamp": "2026-05-16T07:00:12.000000Z"}, {"uuid": "65313c6e-f6ab-46ea-8853-5a227544746b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45091", "type": "published-proof-of-concept", "source": "Telegram/qFnncewX_FdOxDivGoEqJX19AvA6N2dSwzORt9UZIQWFUQU", "content": "", "creation_timestamp": "2026-05-17T02:07:47.000000Z"}, {"uuid": "761562c2-9f4b-454a-9efb-4c6d054a5f61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-45090", "type": "published-proof-of-concept", "source": "https://github.com/hahwul/dalfox/security/advisories/GHSA-2g4x-fq3j-cgq4", "content": "", "creation_timestamp": "2026-05-07T13:30:22.000000Z"}]}