Which action is required for high-risk vulnerabilities identified in the vuln ID process?

Prepare for the PCI DSS Test with detailed questions and explanations. Use flashcards and quizzes to enhance knowledge. Ensure you're ready for your certification exam!

Multiple Choice

Which action is required for high-risk vulnerabilities identified in the vuln ID process?

Explanation:
High-risk vulnerabilities should be remediated by fixing the underlying code, not by leaving them as-is or merely patching around them. Addressing them with coding techniques means changing the software itself to remove the vulnerability—such as implementing secure input validation, proper authentication and authorization checks, safe data handling, and other secure coding practices. This approach targets the root cause in the application, providing a durable fix that reduces risk across future updates and deployments. While patches can be part of remediation, the most effective long-term fix for many high-risk issues is to correct the code. Deleting the record or doing nothing would leave the vulnerability unresolved, which is incompatible with the goal of reducing risk promptly.

