embedza is vulnerable to man-in-the-middle attacks. The library downloads binaries via HTTP, causing remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server.