{"id":227877,"date":"2026-03-26T12:40:00","date_gmt":"2026-03-26T16:40:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/03\/26\/researchers-sound-the-alarm-on-vulnerabilities-in-ai-generated-code\/"},"modified":"2026-03-26T14:20:12","modified_gmt":"2026-03-26T18:20:12","slug":"researchers-sound-the-alarm-on-vulnerabilities-in-ai-generated-code","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/03\/26\/researchers-sound-the-alarm-on-vulnerabilities-in-ai-generated-code\/","title":{"rendered":"Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code"},"content":{"rendered":"<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/ai-generated-code-vulnerabilities\/\">Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code<\/a><\/p>\n<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/ai-generated-code-vulnerabilities\/\">https:\/\/www.infosecurity-magazine.com\/news\/ai-generated-code-vulnerabilities\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-03-26 12:40:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.infosecurity-magazine.com\">www.infosecurity-magazine.com<\/a><\/p>\n<p>Vibe coding tools like Anthropic&#8217;s Claude Code are flooding software with new vulnerabilities, Georgia Tech researchers have warned.<\/p>\n<p>At least 35 new common vulnerabilities and exposures (CVE) entries were disclosed in March 2026 that were the direct result of AI-generated code. This is up from from six in January and 15 in February.<\/p>\n<p>The vulnerabilities are being tracked as part of the \u2018Vibe Security Radar\u2019 project which was started in May 2025 by the Systems Software &#038; Security Lab (SSLab), part of Georgia Tech\u2019s School of Cybersecurity and Privacy.<\/p>\n<h2><strong>How Georgia Tech Tracks Flaws Introduced by AI Coding Tools <\/strong><\/h2>\n<p>The Vibe Security Radar aims to track vulnerabilities directly introduced by AI coding tools that made it into public advisories, such as the CVE.org, the US National Vulnerability Database (NVD), GitHub Advisory Database (GHSA), Open Source Vulnerabilities (OSV), RustSec and others.<\/p>\n<p>Speaking to Infosecurity, Hanqing Zhao, founder of the Vibe Security Radar, \u201cEveryone is saying AI code is insecure, but nobody is actually tracking it. We want real numbers. Not benchmarks, not hypotheticals, real vulnerabilities affecting real users.\u201d<\/p>\n<p>He emphasized that this tracking work was fundamental now that more people have stated vibe coding entire projects \u201cstraight to production.\u201d<\/p>\n<p>\u201cRealistically, even teams that do code review aren&#8217;t going to catch everything when half the codebase is machine-generated,\u201d he added.<\/p>\n<h2><strong>50 Vibe Coding Tool Covered, 74 Vulnerabilities Tracked<\/strong><\/h2>\n<p>Zhao claimed that his team tracks approximately 50 AI-assisted coding tools, including Claude Code, GitHub Copilot, Cursor, Devin, Windsurf, Aider, Amazon Q and Google Jules.<\/p>\n<p>To develop the Vibe Security Radar dashboard, researchers first pull data from public vulnerability databases, find the commit that fixed each vulnerability, then trace backwards to find who introduced the bug in the first place.<\/p>\n<p>\u201cIf that commit has an AI tool&#8217;s signature on it, like a co-author tag&#8230;<\/p>\n<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/ai-generated-code-vulnerabilities\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code https:\/\/www.infosecurity-magazine.com\/news\/ai-generated-code-vulnerabilities\/ Publish Date: 2026-03-26 12:40:00 Source&#8230;<\/p>\n","protected":false},"author":1,"featured_media":227878,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/assets.infosecurity-magazine.com\/webpage\/og\/33f28c1b-d0af-4465-8066-4f95b78fd93b.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24,27],"class_list":["post-227877","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/227877"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=227877"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/227877\/revisions"}],"predecessor-version":[{"id":227879,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/227877\/revisions\/227879"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/227878"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=227877"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=227877"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=227877"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}