As per a survey by CrowdStrike, on average, 54% of major code changes undergo a full security review before deploying
to production. When looking at the breakdown of responses, 22% report reviewing 50-74% of code changes, 22% review 25-49% of code changes and 22% review 24% or fewer code changes.

This indicates how much security vulnerabilities and bugs can leak in to existing and new software due to the lack of due process by the vendors. Security conscious organizations would need to factor this in to their perimeter protection when implementing security systems.

Read more at the source below.

Source: CrowdStrike