The User by Highest Unmitigated Risk report identifies how many unique users have executed both sides of an SoD or Sensitive Access Risk without having any mitigating controls assigned. Since a user can execute multiple risks, the report will display them based on the highest level of risk they have executed. Selecting a section of the graph will show the User Summary report with the correct filter applied on the Highest Level of Fully Executed Unmitigated Risk column.
This is the companion discussion topic for the documentation at https://documentation.sailpoint.com/access-risk-mgmt/help/activity/highest_unmitigated_risk.html