A high impact vulnerability, named CVE-2020-28052, has been discovered in a popular Java cryptography library which could allow attackers to more easily brute force Bcrypt hashed passwords.
Source: cyware.com