Conduct a security assessment of this code/system: [DESCRIBE OR PASTE CODE]. Context: [WEB APP/API/MOBILE/INTERNAL TOOL]. Assess for: 1) OWASP Top 10 vulnerabilities applicable to this context, 2) Authentication and session management weaknesses, 3) Input validation and injection vulnerabilities, 4) Sensitive data exposure (hardcoded secrets, logging PII), 5) Dependency vulnerabilities (outdated packages with known CVEs), 6) Access control flaws (IDOR, privilege escalation), 7) Cryptographic issues. For each finding: severity (CVSS estimate), exploitation scenario, and remediation steps. Prior...