You can look at https://codeberg.org/rimu/pyfedi/releases/tag/v1.6.25 to see the changes.

Basically, the 0-day was mostly someone running an LLM and trying to discover vulnerabilities without double checking them. Most of the things reported were not applicable (mentioning functions that don’t even exist), others were not applicable but led to some tangent hardening.

Lemmy also had a SSRF vulnerability a month ago: https://github.com/LemmyNet/lemmy/security/advisories/GHSA-q537-8fr5-cw35