diff --git a/src/main/csp.ts b/src/main/csp.ts
index 44272fbcf..378f4b69a 100644
--- a/src/main/csp.ts
+++ b/src/main/csp.ts
@@ -8,7 +8,8 @@ import { session } from "electron";
 
 type PolicyMap = Record<string, string[]>;
 
-const MediaSrc = ["connect-src", "img-src", "media-src"];
+const ConnectSrc = ["connect-src"];
+const MediaSrc = [...ConnectSrc, "img-src", "media-src"];
 const CssSrc = ["style-src", "font-src"];
 const MediaAndCssSrc = [...MediaSrc, ...CssSrc];
 const MediaScriptsAndCssSrc = [...MediaAndCssSrc, "script-src", "worker-src"];
@@ -38,12 +39,13 @@ export const CspPolicies: PolicyMap = {
     "unpkg.com": MediaScriptsAndCssSrc,
 
     // Function Specific
-    "api.github.com": ["connect-src"], // used for updating Vencord itself
-    "ws.audioscrobbler.com": ["connect-src"], // last.fm API
-    "translate.googleapis.com": ["connect-src"], // Google Translate API
+    "api.github.com": ConnectSrc, // used for updating Vencord itself
+    "ws.audioscrobbler.com": ConnectSrc, // last.fm API
+    "translate.googleapis.com": ConnectSrc, // Google Translate API
     "*.vencord.dev": MediaSrc, // VenCloud (api.vencord.dev) and Badges (badges.vencord.dev)
     "manti.vendicated.dev": MediaSrc, // ReviewDB API
-    "decor.fieryflames.dev": MediaSrc, // Decor API
+    "decor.fieryflames.dev": ConnectSrc, // Decor API
+    "ugc.decor.fieryflames.dev": MediaSrc, // Decor CDN
     "sponsor.ajay.app": MediaSrc, // Dearrow API
     "usrbg.is-hardly.online": MediaSrc, // USRBG API
 };
@@ -82,7 +84,7 @@ const patchCsp = (headers: Record<string, string[]>) => {
         const csp = parsePolicy(headers[header][0]);
 
         const pushDirective = (directive: string, ...values: string[]) => {
-            csp[directive] ??= ["'self'"];
+            csp[directive] ??= [...csp["default-src"] ?? []];
             csp[directive].push(...values);
         };
 
@@ -98,7 +100,6 @@ const patchCsp = (headers: Record<string, string[]>) => {
             }
         }
 
-        console.log(csp);
         headers[header] = [stringifyPolicy(csp)];
     }
 };
diff --git a/src/plugins/_api/badges/index.tsx b/src/plugins/_api/badges/index.tsx
index 2a83809d6..58b2e32cb 100644
--- a/src/plugins/_api/badges/index.tsx
+++ b/src/plugins/_api/badges/index.tsx
@@ -33,7 +33,7 @@ import definePlugin from "@utils/types";
 import { Forms, Toasts, UserStore } from "@webpack/common";
 import { User } from "discord-types/general";
 
-const CONTRIBUTOR_BADGE = "https://vencord.dev/assets/favicon.png";
+const CONTRIBUTOR_BADGE = "https://cdn.discordapp.com/emojis/1092089799109775453.png?size=64";
 
 const ContributorBadge: ProfileBadge = {
     description: "Vencord Contributor",
diff --git a/src/plugins/devCompanion.dev/index.tsx b/src/plugins/devCompanion.dev/index.tsx
index a495907b2..19d954460 100644
--- a/src/plugins/devCompanion.dev/index.tsx
+++ b/src/plugins/devCompanion.dev/index.tsx
@@ -91,7 +91,7 @@ function parseNode(node: Node) {
 function initWs(isManual = false) {
     let wasConnected = isManual;
     let hasErrored = false;
-    const ws = socket = new WebSocket(`ws://localhost:${PORT}`);
+    const ws = socket = new WebSocket(`ws://127.0.0.1:${PORT}`);
 
     ws.addEventListener("open", () => {
         wasConnected = true;