I audited 3 vibe coded products that were posted on Reddit in a single afternoon. All three had critical security vulnerabilities. One was a live marketplace with real Stripe payments where any logged-in user could grant themselves admin and hijack payment routing with a single request. Another had development endpoints still in production that let anyone mark themselves as a paid user and give themselves unlimited credits. The third had its entire database of 681,000 salary records downloadable by anyone with no authentication at all.I wasn't looking for these. They appeared in my feed. I signed up as a normal user and opened dev tools
seedium_tech|10 days ago