In this white paper we conducted extensive research on how organizations manage their open source vulnerabilities. This white paper explores the challenges and limitations they encounter, as well as the available solutions. Why is open source vulnerability remediation so challenging? We discuss the limitations of Software Composition Analysis (SCA) and prioritization tools. Our research highlights the persistent challenge of unaddressed vulnerabilities in organizations, and examines the use of AI and automation in potentially solving many of these challenges.