Product
A high-severity vulnerability, CVE-2026-50200, in the Steeltoe `Sanitizer` component of the Environment actuator allows for the unintended disclosure of sensitive connection string values, including embedded plaintext credentials, when the `/actuator/env` endpoint is accessed, enabling direct database connection and bypassing application-tier security.