1. Critical Signature Bypass Exposes Linear Webhook Endpoint to Unauthenticated Exploitation Under Tailscale Funnel
A P0 vulnerability in the Linear webhook handler permits unauthenticated remote code execution-equivalent access through a signature verification bypass. The flaw, residing in `backend/routers/linear_webhook.py:82-101`, causes the `_verify_linear_signature` function to return `True` when both `signature_header` and `se...