Summary of 2026 OSSRA report: 87% vulnerability prevalence, 581 average vulnerabilities per codebase (107% YoY increase), from 947 commercial codebase audits.
Why read: Primary source for all three figures in claim C003. Must be read to understand the sampling methodology and caveats around the headline numbers.
Independent coverage of OSSRA report with expert commentary. Notes median of 78 (vs. 581 mean), Linux Kernel CNA factor, and transitive dependency characterization.
Why read: Provides essential independent expert context that the 581 figure is 'largely transitive dependency sprawl' and that the median is only 78.