From 71d1eadb416a1530cbefb1398155c21c88f9537b Mon Sep 17 00:00:00 2001
From: nicoletacoman <nicoleta.coman@mendix.com>
Date: Thu, 18 Jun 2026 11:34:16 +0200
Subject: [PATCH 1/2] Software Composition Vulnerabilities

---
 .../security/software-composition/components.md             | 4 +---
 .../security/software-composition/overview.md               | 2 --
 .../security/software-composition/scoring-criteria.md       | 5 +----
 content/en/docs/deployment/general/software-composition.md  | 4 ----
 content/en/docs/releasenotes/control-center/2026.md         | 6 ++++++
 5 files changed, 8 insertions(+), 13 deletions(-)

diff --git a/content/en/docs/control-center/security/software-composition/components.md b/content/en/docs/control-center/security/software-composition/components.md
index 29f1d30bc36..d265ebbc52a 100644
--- a/content/en/docs/control-center/security/software-composition/components.md
+++ b/content/en/docs/control-center/security/software-composition/components.md
@@ -86,11 +86,10 @@ The finding list contains the following information:
 
     * Deprecated components: The current date - The date when the component was deprecated    
     * Outdated components: The current date - The publish date of the first higher runtime compatible version
-   <!-- * Vulnerable components: The number of days since the date when the CVSS score was computed -->
+    * Vulnerable components: The number of days since the date when the CVSS score was computed 
 
 * Column customization ({{% icon name="view" %}}) — You can customize the columns in the list by clicking the {{% icon name="view" %}} icon and selecting or deselecting options.
 
-<!--
 #### Finding and Component Details
 
 If a finding is marked as **Vulnerable**, its corresponding component has a **View Details** button. Clicking it opens a window which includes these sections:
@@ -112,7 +111,6 @@ If a finding is marked as **Vulnerable**, its corresponding component has a **Vi
     * **Apps using component** – The number of apps where the vulnerable component is used. Click **View Component Usage** to see a list of affected apps.
 
 * **Mendix Guidance** – AI-generated guidance which describes the vulnerability, outlines the reasons why it is important to fix it, and recommends solutions.
--->
 
 ### Component Usage {#component-component-usage}
 
diff --git a/content/en/docs/control-center/security/software-composition/overview.md b/content/en/docs/control-center/security/software-composition/overview.md
index b5ee859f20e..e23dc4f9447 100755
--- a/content/en/docs/control-center/security/software-composition/overview.md
+++ b/content/en/docs/control-center/security/software-composition/overview.md
@@ -105,7 +105,6 @@ The finding list contains the following information:
 * **Deprecated since version publish date** — The release date of the version when the component became deprecated.
 * Column customization ({{% icon name="view" %}}) — You can customize the columns in the list by clicking the {{% icon name="view" %}} icon and selecting or deselecting options.
 
-<!--
 #### Finding and Component Details
 
 If a finding is marked as **Vulnerable**, its corresponding component has a **View Details** button. Clicking it opens a window which includes two sections:
@@ -125,7 +124,6 @@ If a finding is marked as **Vulnerable**, its corresponding component has a **Vi
     * **Type** – The type of the component affected by this finding.
     * **Publisher** – The entity that published the component affected by this finding.
     * **Apps using component** – The number of apps where the vulnerable component is used. Click **View Component Usage** to see a list of affected apps.
--->
 
 ### Component Usage {#overview-component-usage}
 
diff --git a/content/en/docs/control-center/security/software-composition/scoring-criteria.md b/content/en/docs/control-center/security/software-composition/scoring-criteria.md
index 747cfab5403..cca60c1c460 100644
--- a/content/en/docs/control-center/security/software-composition/scoring-criteria.md
+++ b/content/en/docs/control-center/security/software-composition/scoring-criteria.md
@@ -14,8 +14,7 @@ Scoring criteria reflect your company's risk preference.
 
 The settings on this tab determine how each such vulnerability is calculated for apps, environments, and components.
 
-<!-- {{< figure src="/attachments/control-center/security/software-composition/scoring_criteria_complete.png" >}} -->
-{{< figure src="/attachments/control-center/security/software-composition/scoring_criteria.png" >}}
+{{< figure src="/attachments/control-center/security/software-composition/scoring_criteria_complete.png" >}}
 
 The default values are strict, but you can adjust them to reflect the practice of your company.
 
@@ -23,13 +22,11 @@ The default values are strict, but you can adjust them to reflect the practice o
 
 The types of findings that you can adjust for are **Outdated** and **Deprecated**.
 
-<!--
 ### Vulnerable
 
 A finding is generated when a component is published on the [Security Advisories](/releasenotes/security-advisories/) page, and is assigned a specific CVSS score. CVSS scores are based on the [NVD Vulnerability Metrics](https://nvd.nist.gov/vuln-metrics) framework, and cannot be orverriden.
 
 You can choose the combination of CVSS range and severity for which you want a component to be marked as vulnerable.
--->
 
 ### Outdated
 
diff --git a/content/en/docs/deployment/general/software-composition.md b/content/en/docs/deployment/general/software-composition.md
index 49796e0a2f9..a02e89da73e 100644
--- a/content/en/docs/deployment/general/software-composition.md
+++ b/content/en/docs/deployment/general/software-composition.md
@@ -127,7 +127,6 @@ The page is divided into two tabs: **Findings** and **Component Usage**. For det
 * [Findings](/control-center/overview-tab/#overview-findings)
 * [Component Usage](/control-center/overview-tab/#overview-component-usage)
 
-<!--
 #### Finding and Component Details
 
 If a finding is marked as **Vulnerable**, its corresponding component has a **View Details** button. Clicking it opens a window which includes two sections:
@@ -148,7 +147,6 @@ If a finding is marked as **Vulnerable**, its corresponding component has a **Vi
     * **Publisher** – The entity that published the component affected by this finding.
 
 * **Mendix Guidance** – AI-generated guidance which describes the vulnerability, outlines the reasons why it is important to fix it, and recommends solutions.
--->
 
 ## Components {#all-components}
 
@@ -237,7 +235,6 @@ The finding list contains the following information:
 
 * Column customization ({{% icon name="view" %}}) — You can customize the columns in the list by clicking the {{% icon name="view" %}} icon and selecting or deselecting options.
 
-<!--
 ##### Finding and Component Details
 
 If a finding is marked as **Vulnerable**, its corresponding component has a **View Details** button. Clicking it opens a window which includes these sections:
@@ -257,7 +254,6 @@ If a finding is marked as **Vulnerable**, its corresponding component has a **Vi
     * **Type** – The type of the component affected by this finding.
 
 * **Mendix Guidance** – AI-generated guidance which describes the vulnerability, outlines the reasons why it is important to fix it, and recommends solutions.
--->
 
 #### Component Usage {#component-component-usage}
 
diff --git a/content/en/docs/releasenotes/control-center/2026.md b/content/en/docs/releasenotes/control-center/2026.md
index 590948d9d6d..7372204dd4d 100644
--- a/content/en/docs/releasenotes/control-center/2026.md
+++ b/content/en/docs/releasenotes/control-center/2026.md
@@ -9,6 +9,12 @@ numberless_headings: true
 
 ## June 2026
 
+### June 25, 2026
+
+#### New Features
+
+* Software Composition is now enhanced with the ability to view details on components marked as **Vulnerable**. This is available on the **Overview** and the **Components** tabs of [Software Composition](/control-center/software-composition/), and provides valuable information about the severity and CVSS score of the finding.
+
 ### June 17, 2026
 
 #### Fixes

From 2ffde7e5be58f27d18e88fba88de145440aad21c Mon Sep 17 00:00:00 2001
From: nicoletacoman <nicoleta.coman@mendix.com>
Date: Thu, 18 Jun 2026 11:48:21 +0200
Subject: [PATCH 2/2] Added RN to Deployment

---
 .../en/docs/releasenotes/deployment/mendix-cloud/_index.md  | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/content/en/docs/releasenotes/deployment/mendix-cloud/_index.md b/content/en/docs/releasenotes/deployment/mendix-cloud/_index.md
index ff757422aa3..17a2b45777e 100644
--- a/content/en/docs/releasenotes/deployment/mendix-cloud/_index.md
+++ b/content/en/docs/releasenotes/deployment/mendix-cloud/_index.md
@@ -16,6 +16,12 @@ For information on the current status of deployment to Mendix Cloud and any plan
 
 ## June 2026
 
+### June 25, 2026
+
+#### New Features
+
+* [Software Composition](/developerportal/deploy/software-composition/) is now enhanced with the ability to view details on components marked as **Vulnerable**. This provides valuable information about the severity and CVSS score of the finding.
+
 ### June 17, 2026
 
 #### Fixes