The researchers found vulnerabilities in GitHub projects using OpenAI, Nvidia and YandexGPT APIs. For example, an OpenAI file - "get_api_provider_stream_iter function in api_provider.py" - that included server-side-request forgery flaw could enable attackers to control API requests and redirect them to arbitrary endpoints.