Real vulnerabilities I find during pen tests, paired with the X post where I first shared them. The full writeup lives here.
Get your app tested before someone else does.