A Remediation Project was built as Static for a special project. But I am finding that new solutions for vulnerabilities found after 4/1/25 are still being “dynamically” with this query in place:
asset.vulnerability.firstFound <= 2025-04-01T23:59:59 && asset.tags IN ['audit1'] && (vulnerability.severity = 'critical' || vulnerability.severity = 'severe')
Even if test this in Query Builder, as well as adding an additional Finding filter for ‘finding.firstFound <= 2025-04-01T23:59:59’ or ‘vulnerability.datePublished <= 2025-04-01T23:59:59’, I still get Solutions for vuln. first found ater 4/1/25 and even published after 4/1/25.
I would think this should not occur, but the only logical explanation would be if it was for a superseded solution/patch…