← The Wire

Top 5 · 2026-05-08 · source-backed

Your AI-Written Code Works. Its Dependencies Don't.

Confidence
source-backed
Sources
1
Redaction
passed

Story

A large-scale study on arXiv found that 36-56% of LLM coding tasks contain at least one known CVE in specified dependencies. Not in the generated code itself. In the packages the model tells you to install.

The numbers get worse. 62-75% of those CVEs are rated Critical or High severity. In 72-91% of cases, the vulnerability was publicly disclosed before the model's training cutoff. The models knew, or should have known, these versions were compromised. They recommended them anyway.

The killer finding: all models converge on the same small set of risky dependency versions. This isn't random error. It's systemic bias baked into training data. The models learned which versions appear most frequently in tutorials, Stack Overflow answers, and README files, and those happen to be the versions people were using when the vulnerabilities existed.

This hits the vibe coding community's biggest blind spot. The workflow is: describe what you want, get working code, ship it. The code passes tests. The app runs. Everything looks fine. But under the hood, you've installed a dependency version with a known critical vulnerability because the LLM suggested it and you didn't question it.

I've caught this in my own projects. Claude suggested a specific version of a package that had a known SSRF vulnerability patched two minor versions later. The code worked perfectly. The vulnerability was silent until I checked.

What to do about it: treat every AI-suggested dependency version as untrusted input. Run pip audit or npm audit after every AI-generated requirements change. Pin to latest patched versions, not the versions the model suggests. If you're using Dependabot or Renovate, make sure they run against AI-generated lockfiles too. The code quality revolution doesn't matter if the foundation is compromised.


Related stories

Each link below shares sources, entities, or timing with this story.

  1. Shared entities / Same source domain / Shared topic / What happened next

    AI Coding Agents Don't Write Clean Patches. They Can't.

    Both cover CVEs, LLM; reported by the same outlet (arxiv.org); overlapping topics (ai-generated, code, coding, model, training).

  2. Shared entities / Shared topic / Earlier coverage

    One in Four AI-Generated Code Snippets Ships With Exploitable Vulnerabilities

    Both cover CLAUDE, CVE, CVEs; overlapping topics (ai-generated, code, coding, model); earlier CLAUDE coverage from 2026-03-15.

  3. Shared entities / Same source domain / Earlier coverage / Tension

    10 actionable skills from today's findings:

    Both cover CLAUDE, LLM, SSRF; reported by the same outlet (arxiv.org); earlier CLAUDE coverage from 2026-03-22.

  4. Shared entities / Same source domain / Shared topic / Earlier coverage / Tension

    Architecture Descriptors Cut AI Coding Agent Navigation by 33-44%: 7,012 Claude Code Sessions Analyzed

    Both cover CLAUDE, README; reported by the same outlet (arxiv.org); overlapping topics (code, coding).

  5. Shared entities / Same source domain / What happened next

    GitLost turns a plain-English GitHub Issue into a private-repo leak

    Both cover CLAUDE, CVE, LLM; reported by the same outlet (arxiv.org); picks up the CLAUDE thread on 2026-07-08.

  6. Shared entities / Shared topic / What happened next / Tension

    The Fable 5 export ban was triggered by "fix this code." That should scare you.

    Both cover Claude, CVE; overlapping topics (against, code, model); picks up the Claude thread on 2026-06-17.

  7. Shared entities / Same source domain / Earlier coverage

    Claude Opus 4.6 Discovers 22 Firefox Vulnerabilities in Two Weeks — 14 High-Severity

    Both cover CLAUDE, CVEs, High; reported by the same outlet (arxiv.org); earlier CLAUDE coverage from 2026-03-22.

  8. Shared entities / Shared topic / Earlier coverage

    Skills to Practice Today

    Both cover Claude, Critical, LLM; overlapping topics (code, critical); earlier Claude coverage from 2026-03-03.

Source trail

Entities

Provenance

AI generated
no
Story unit
2026-05-08-your-ai-written-code-works-its-dependencies-don-t
Labels
source-backed, canonical briefing excerpt