There are lot of possible mistakes that can compromise the security of the application, such as the following:

• Using insecure third-party libraries inside an application, which may contain security vulnerabilities
• Not filtering the user-provided input to the application
• Storing security-sensitive data unencrypted inside an application
• Not implementing proper restrictions to control access to the internal infrastructure