According to ChainCatcher, the StarkWare Ecosystem Director posted on the X platform that Fractal Bitcoin may have security issues.

RPC credentials are hard-coded and cannot be configured through environment variables, and the RPC server is publicly exposed and vulnerable to attacks;

Allowing RPC connections from any IP address is also very dangerous, exposing the user's node to potential attacks from anywhere;

Certain settings allow ZeroMQ connections from any IP, which poses a security risk; removing the limit on the number of connections may lead to resource exhaustion;

Official GitHub organizations or repositories are difficult to identify, etc.