Voices
AI-Generated Code CVEs Explode: 35 in March, 74 Total — Claude Code Responsible for 49, 87% of AI PRs Have Vulnerabilities
Georgia Tech's 'Vibe Security Radar' project tracked 35 CVEs in March 2026 directly attributable to AI coding tools — up from 6 in January and 15 in February — with Claude Code responsible for 27 of March's CVEs and 49 of 74 total (11 critical). CrowdStrike independently found 87% of AI-generated pull requests contain at least one security vulnerability. Georgia Tech researcher Hanqing Zhao estimates actual numbers are 5-10x higher (400-700 real cases) due to detection limitations and stripped AI traces in production code.
Source
↳ Follow the thread