Software vulnerabilities and mitigations - Analysis of Python software

Authors:

  • Casper Jensen
  • David Ekman
  • Henrik Karlzén
  • Daniel Eidenskog
  • Jerry Falkcrona

Publish date: 2026-01-16

Report number: FOI-R--5829--SE

Pages: 28

Written in: Swedish

Keywords:

  • vulnerabilities
  • vulnerability types
  • mitigations
  • Python

Abstract

Software plays a central role in many businesses, yet developing software that has no vulnerabilities has proven very hard. This report describes the results of a study that examines the most common vulnerability types in code written in the Python programming language, along with the most common mitigations for those vulnerabilities. The study presents a taxonomy of mitigations and the connection between vulnerability types and mitigations. The results show that the most frequent vulnerability types are insufficient handling of input data and insufficient authentication and access control, and that the most common mitigation is input validation.