The open source software ecosystem is highly interconnected, which makes it hard for developers to stay aware of security issues in their dependencies and to patch vulnerabilities promptly. Open source projects are increasingly targeted because of the complexity of the supply chain and the ease with which attackers can exploit unpatched vulnerabilities. Buffer overflow vulnerabilities, such as the one found in the Glibc bug, are pervasive in low-level languages like C and C++ and can be exploited by attackers to compromise systems. To mitigate these risks, developers should identify vulnerabilities in their open source dependencies with an automated vulnerability scanner such as Snyk for C/C++, which helps reduce false-positive reports and noise and gives visibility into the open source code actually in use. By scanning open source C++ projects with such a scanner, developers can protect their software from being compromised through malicious libraries and patch vulnerabilities in time.
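The buffer overflow class mentioned above is easiest to see in a fixed-size copy. The following is an added illustration, not code from the original page or from any Glibc or Snyk source: a hypothetical `copy_name_unchecked` shows the unbounded-copy defect that scanners flag, and `copy_name_checked` shows the bounded form that rejects input that does not fit. The buffer size `NAME_LEN` and the sample strings are constructed for the example.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define NAME_LEN 16   /* destination capacity, including the terminating NUL (constructed) */

/* Defective pattern: strcpy writes strlen(src)+1 bytes regardless of the
 * destination size, so any src of NAME_LEN or more characters writes past
 * the end of dst. Shown only to mark the defect a scanner would report. */
static void copy_name_unchecked(char dst[NAME_LEN], const char *src)
{
    strcpy(dst, src);
}

/* Hardened form: never scans or writes beyond NAME_LEN bytes.
 * Returns true and fills dst when src fits (at most NAME_LEN-1 chars),
 * otherwise returns false and leaves dst as an empty string. */
static bool copy_name_checked(char dst[NAME_LEN], const char *src)
{
    /* memchr bounds the scan: it only looks at the first NAME_LEN bytes of src,
     * so an unterminated or oversized src cannot cause an over-read here. */
    const char *nul = memchr(src, '\0', NAME_LEN);
    if (nul == NULL) {
        dst[0] = '\0';           /* too long to fit with its terminator: reject */
        return false;
    }
    memcpy(dst, src, (size_t)(nul - src) + 1);  /* copy including the NUL */
    return true;
}

int main(void)
{
    char name[NAME_LEN];
    const char *inputs[] = { "alice", "123456789012345", "1234567890123456" };

    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        if (copy_name_checked(name, inputs[i]))
            printf("accepted: \"%s\"\n", name);
        else
            printf("rejected (%zu chars does not fit in %d): \"%s\"\n",
                   strlen(inputs[i]), NAME_LEN, inputs[i]);
    }
    /* copy_name_unchecked is deliberately not called with oversized input. */
    (void)copy_name_unchecked;
    return 0;
}
```

The boundary worth checking is the off-by-one: a 15-character name fits in a 16-byte buffer with its terminator, a 16-character name does not, and the checked version reports exactly that instead of silently writing one byte past the end.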