Our Q3 2025 analysis surfaced over 30,000 confirmed vulnerabilities across live and in-development codebases. While Q2 marked a turning point in ecosystem maturity, Q3 reveals a persistent blind spot: the most damaging vulnerabilities aren't novel, they're repeatable, systemic, and quietly shipped every sprint.