Fix open source CVEs, without upgrades

Patch open source CVEs in the versions you already run (no upgrades).

Fix vulnerabilities in direct + transitive dependencies.

Clear critical/high findings fast (72-hour SLA available).

Stay compliant without breaking changes or roadmap disruption.