Instead of presenting vulnerability counts, more visibility is required. Tools flag potential issues without validating them properly.