Which of the following are the MOST likely vectors for the unauthorized or unintentional inclusion of vulnerable code in a software company`s final software releases? (Choose two.) 

Answer options:

A. Unsecure protocols
B. Use of penetration-testing utilities
C. Weak passwords
D. Included third-party libraries
E. Vendors/supply chain
F. Outdated anti-malware software

AC