With lemmy it is possible to upload any image to the lemmy server (including archive websites), while writing a post without even posting.
This could be used to upload pornographic, right winged or other illegal content and use it or share it on other platforms, even if the content is on your lemmy instance.
In Germany advocates even use archive.org as an evidence that you had illegal content on your website, including the exact date.
This could be very expensive for everyone who is managing a lemmy instance.
Another problem with the upload is, that a lot of images can be uploaded, without even using them in a post, just filling up the server with garbage data. Attackers could use this to automatically fill up the web space and provoke a crash.
Who is the owner of uploaded and shared images and posts? If a lemmy post gets shared, a copy of the image will be created. If the image doesn’t have a share-alike licence, the owner of the instance could get in trouble.
I am not an advocate! Those are just things I thought about, which could cause trouble if I would have a lemmy instance.