During our investigation we found a total of 22 findings. By impact, of the 22 findings 7 were critical, 2 were high, 4 were medium, 6 were low and 3 were informational in nature.
We sometimes observe a high amount of findings in projects undergoing rapid development. Our recommendation to the Voyage team is to adopt a security-focused development workflow. The codebase should be augmented with a comprehensive test suite ensuring the code is behaving as intended under real-world conditions. We also encourage Voyage to freeze the codebase and perform another independent audit before launch.