Based on the fundamental rules of quantum mechanics, two communicating parties can generate and share a secret random key that can be used to encrypt and decrypt messages sent over an insecure channel. This process is known as quantum key distribution (QKD). Contrary to classical encryption schemes, the security of a QKD system does not depend on the computational complexity of specific mathematical problems. However, QKD systems can be subject to different kinds of attacks, exploiting engineering, and technical imperfections of the components forming the systems. Here, we review the security vulnerabilities of QKD. We mainly focus on a particular effect known as backflash light, which can be a source of eavesdropping attacks. We equally highlight the method for quantifying backflash emission and the different ways to mitigate this effect.