Security researchers have uncovered a critical gap in the public disclosure of vulnerabilities within open source projects. This gap poses a substantial risk, as it enables attackers to exploit vulnerabilities before they are officially patched and announced.
Source: The New Stack