Sure it's a known footgun, but I wouldn't be so harsh without knowing more. It could be the result of a series of only slightly bad decisions.

A junior developer creates a function with default of [] instead of (), but otherwise no mutations:

    def get_user(unchecked_ids=[]):
        ids = get_valid_ids(unchecked_ids)
        if not ids: ids = [current_user_id]
        return query_users(ids)

Alice introduces a mutation in a place that is currently safe.

    fa55099 - 45 minutes ago - Alice - Avoid creating unnecessary new list
     def get_user(unchecked_ids=[]):
         ids = get_valid_ids(unchecked_ids)
    -    if not ids: ids = [current_user_id]
    +    if not ids: ids.append(current_user_id)
         return query_users(ids)

Meanwhile Bob simplifies the code in a separate branch.

    f4e704c - 30 minutes ago - Bob - Fix caller who was sending invalid ids
    + def get_user(ids=[]):
    - def get_user(unchecked_ids=[]):
    -     ids = get_valid_ids(unchecked_ids)
          if not ids: ids = [current_user_id]
          return query_users(ids)

Then Charlie does something else on the branch, tries to merge it into master, and Git auto-resolves the conflict because there's no overlap between the changes.

    def get_user(ids=[]):
        if not ids: ids.append(current_user_id)
        return query_users(ids)

And now everyone sees the data of a random user, and your foot is missing.

Is it good code? No. Good version control hygiene? Also no. Should you crucify the developer who made this mistake? Of course not, especially once you add the boilerplate chaff that was omitted here. That's why it's called a footgun, it's easy to misuse.