As part of some research about the common crypto mistakes that developers make, I noticed that your application has one of them.
In AesEncryptor.cipher you’re initializing a Cipher instance with a static IV which is insecure.
One possible solution would be to generate the initialization vector using SecureRandom:
byte[] iv = new byte[16];
new SecureRandom().nextBytes(iv);