Do You Know What Java Vulnerabilities are Hiding in the Shadows?

We scanned 16 million Maven packages and uncovered over 2.5 million hidden vulnerabilities missed by standard SCA tools. The problem? Shaded dependencies.

Java developers commonly repackage dependencies into Uber JARs and shaded libraries, breaking the link between vulnerable code and its original identity. Most scanners stop at metadata. Hopper analyzes the actual bytecode.

As part of our Maven ecosystem research, we’re offering a free shaded dependency scan for Java applications. You’ll see exactly what your current tools are missing.

What you get:
‍- A one-time scan for hidden and shaded vulnerabilities
- Function-level reachability insights to cut noise
- Full breakdown of issues and risk paths
- No obligation, no friction, just visibility