Addressing the vulnerabilities of open source software (OSS) in city governments is of paramount importance due to the increasing frequency and impact of cybersecurity incidents worldwide. Recent events, such as the ransomware attack on IFX Networks in Colombia and the cyberattack in Kenya, highlight the critical need for enhanced security measures. Moreover, the pervasive nature of OSS, affecting digital infrastructures in both public and private sectors, underscores the urgency of understanding these vulnerabilities. This research project aims to comprehensively assess the susceptibility of city governments to OSS vulnerabilities, providing insights into governance systems and enabling conditions. By identifying strategies and best practices, the study will contribute essential knowledge to enhance cybersecurity, promote open source as a public good, and safeguard digital infrastructures globally.