Executive summary 2 Notable findings 3 Project Summary 4 Audit Scope 4 Threat model formalisation 5 Fuzzing 14 Issues found 16 SLSA review 38 Conclusions 40 1 Vitess Security Audit, 2023 Executive summary VTAdmin code. 3. Manually audit the remaining Vitess code base. 4. Assess and improve Vitessʼs fuzzing suite. 5. Carry out a SLSA compliance review. These five goals are fairly different. While they which the threat model goal helped to assess. The threat model was also a force-multiplier for the fuzzing work that led to the discovery of a few missed edge cases when fixing the two CVEʼs. The audit started