Fix open source CVEs, without upgrades

Patch open source CVEs in the versions you are already running (no upgrades).

Fix vulnerabilities in both direct and transitive dependencies.

Clear critical and high findings fast using our 72-hour SLA.

Stay compliant without breaking changes or roadmap disruption.