Vulnerability Disclosure in the Age of AI

New article: “Responsible Disclosure in the Age of AI: A Call for Urgent Action,” by Melissa Hathaway.

Abstract: Artificial intelligence is fundamentally reshaping the balance between vulnerability discovery and remediation. Frontier AI models are now capable of autonomously identifying exploitable software vulnerabilities at unprecedented speed and scale. This development exposes decades of accumulated technical debt created by a software industry that prioritized rapid deployment over secure-by-design engineering practices. Drawing on the evolution of software assurance, vulnerability disclosure frameworks, and U.S. cyber policy, this perspective argues that the current moment represents a strategic inflection point for governments, industry, and critical infrastructure operators. The author examines the growing tension between offensive and defensive equities in cyberspace, the emergence of AI-enabled vulnerability discovery capabilities in both the U.S. and China, and the increasing risks posed by unsupported legacy systems and AI-assisted code generation practices. Responsible disclosure can no longer remain a reactive or fragmented process, but must become a coordinated national and international resilience effort involving governments, software vendors, infrastructure operators, and emergency response organizations. The article concludes with an urgent call for accelerated remediation, large-scale patch management coordination, and sustained investment in automated vulnerability repair capabilities before adversaries exploit this rapidly narrowing window of opportunity.

Posted on June 1, 2026 at 12:49 PM • 10 Comments

Comments

Clive Robinson June 1, 2026 1:54 PM

@ ALL,

The first point of note,

“This development exposes decades of accumulated technical debt created by a software industry that prioritized rapid deployment over secure-by-design engineering practices”

Is something I’ve previously warned about.

Not just because of the nasties it hides, but more importantly the fact it makes AI Vulnerability finding look way more impressive than it actually is.

In short the veritable tsunami of “technical debt” has not broken over us because nobody has really been interested in “chasing it down” because there was no financial incentive to do so.

Now AI can find much of this technical debt quickly and currently at low cost…

Yes “the equation has changed”, which means a lot of stuff that should have been dealt with a couple of decades ago now has to be fixed.

The result will be a very large initial work load, that will fairly quickly get reduced down to a much much lower rate if not trickle.

Too much is currently being made about the “quantity of technical debt” some types of LLM systems are finding.

The thing is the AI systems are not really finding anything particularly new. In effect they are finding lots and lots of “Known Knowns” that have been “ignored”, some “unknown, knowns” that are basically a small variation on “known knowns”.

These things just require a “clean-up”

What we really need and it’s something Current AI LLM and ML systems are not of much use for is finding the “unknown unknowns” and the more serious “unknown knowns”.

We are currently quite a way from these automated systems finding new instances in a class of known vulnerability type and more than “moon shot” distances on new unknown instances in new unknown classes.

We will have to wait for the “initial smoke to clear” before we can assess what type of combustion is causing it, and if it’s actually a problem. This is something that Current AI systems can’t really replace “experienced humans” with and it’s going to take us quite a while –if ever– before we can.

Raphael Khoury June 1, 2026 2:44 PM

Peter Swire has a brilliant essay “A Model for When Disclosure Helps Security: What Is Different About Computer and Network Security?”, on when disclosure is beneficial to security v. when it’s dangerous. We can revisit his criteria in the light of the advances in AI.

Clive Robinson June 1, 2026 3:02 PM

@ ALL,

For those that read through the article it actually offers not much in terms of resolving the issues.

And gets some things wrong,

“We are in a window of extreme vulnerability and we should expect malicious actors, who are now also aware of those newly disclosed vulnerabilities, to exploit unpatched systems and steal sensitive data, hold business hostage through ransomware, knock businesses offline and, in some cases, destroy the IT systems that power hospitals, schools, businesses, and essential services. AI has made exploitation of the vulnerabilities an easy task.”

Yes “we are in a window” in fact as I’ve mentioned before we are in several of them and detailed why.

But the one thing I would not be daft enough to do is say the likes of,

“AI has made exploitation of the vulnerabilities an easy task”

In the way it has been. Because it lets those who are actually responsible “off the hook”.

Remember we are talking about “technical debt” that the article author says,

‘For the last four decades, we have allowed the information and communications technology (ICT) —software and hardware industry— to deliver flawed products under the principle: “field it fast and fix it later”’

Which clearly points out two things as I’ve noted in the past,

1, Technical debt has been around going back a working lifetime or more.
2, Technical debt is a management choice, and people will point at “Microsoft” management as being the industry cheerleader in this regard.

But it also misses out on two other points I’ve made,

3, It is the “US Culture” as pushed by the “American Dream” ethos that gives rise to neo-con capitalist way of deregulation and worse that causes the management choice.
4, The countries most affected by cyber-crime are those driven by the neo-con capitalist short term thinking.

Back when 9/11 happened for some reason most failed to realise that the US was vulnerable to being attacked by its own technology that was too convenient thus the nation had become overly dependent on.

The thing is the ICT Industry has created this “cul de sac of doom” into which nearly the whole US economy has walked.

When you are in a cul de sac you have two basic choices get to the end and fail to progress, or turn around and try a different path.

The thing is whilst individuals can turn around at any time a nation basically can not. Because those pushing on to the end will force those who have tried to turn around, down the way to failing to progress.

If people are serious about resolving cyber-crime then they must accept that above all there has to be a very significant cultural change in which all must participate …

And to be honest I can not see that happening any time soon unless there is a major economic collapse of the sort that happened nearly a century ago.

Anonymous June 1, 2026 8:18 PM

I call bs on this.

In 2025, it is estimated that over 90% of successful intrusions were the result of software vulnerabilities (Geller 2025).

Most intrusions occurred from stolen or social engineered login credentials. IMO AI rapidly finding flaws and exploiting them is important but social engineering and stolen credentials is a much bigger problem and we should focus on that first. Just my opinion.

Zsolt June 1, 2026 8:34 PM

I was missing one aspect from the article: it mentioned that we have a window of 12-24 months to solve the problem of fixing vulnerabilities before a malicious AI user finds them. It didn’t really elaborate on how it came to this window size.

The author wrote that DeepSeek is reportedly pretty close to the OpenAI/Anthropic vulnerability-finding AI models.

However the 12-24 months window is for something else: it’s for the open-source models.

Open-source LLMs are being developed and released also at a very fast pace and people say that they are just 6-24 months behind proprietary models (in some tasks the gap is shorter, in other tasks it’s wider), and the gap is getting shorter and shorter with newer generations.

So it’s to be expected that in 12-24 months everybody might be able to run a Mythos-like LLM (at home or on rented hw), thus OpenAI/Anthropic won’t be gatekeepers of this (currently cutting edge) tech for too long.

KC June 1, 2026 9:01 PM

It’s reported that at least 40 of the largest software and hardware vendors now have access to two large AI models – Anthropic and OpenAI – to identify vulnerabilities.

However, automated repair tools are not readily available or commercialized.

Adding to this bottleneck, many orgs – especially in manufacturing and healthcare – are running legacy or unsupported products that will need to be replaced asap.

With the speed of vuln discovery having reportedly shrunk from 60 days to 4 hours, is our Y2K moment already here?

Clive Robinson June 2, 2026 4:39 AM

@ KC, ALL,

With regards,

“Adding to this bottleneck, many orgs – especially in manufacturing and healthcare – are running legacy or unsupported products that will need to be replaced asap.”

The “legacy or unsupported” all too often comes about due to “regulatory approvals”.

I first came to understand the problem with developing medical equipment back last century, and later seriously getting to grips with it when designing “On-Prem Telco Equipment”.

Put simply it turned out it was easiest and fastest to market to go “full embedded”. That is by writing the equivalent of your own minimal “Bootloader, BIOS, and OS” to develop your software on.

In part it reduced not just development time costs but as importantly hardware costs[1] a lot as you could better manage the then very limited resources.

Because it gave you full “version control” during what could be a two year development and approvals process. With “Approvals test lab waiting time” being up to a year and more expensive than you would care to imagine.

These days the likes of PC104 base and stackable I/O systems are “going the way of the dodo”,

https://pc104.org/hardware-specifications/pc104/

As the single microcontroller *nix systems used in IoT and low cost network “edge equipment” in effect take over[2].

Thus bringing industry wide attacks into scope that previously did not happen, many of which are legacy and unsupported but still “approved” embedded equipment.

[1] Hardware costs are predicated in turn on demand and availability of component parts. We are currently not just hearing but seeing the cost and availability of memory chips “going more than orbital” as mostly faux AI demand is creating “advanced shortages”. That is where the entire future output of Fabs is being “pre-purchased” by “contract”, which in turn has caused some Fabs to “hold back” current production as they know they don’t have the capacity to future supply both ordinary and AI market demands, so have to build in “slack and increased revenue” so they can build extra capacity into the system with care due to several nations “Hostile Intent”.

[2] This “invasion of IoT” is not quite “true”, because in quite a few cases I’m aware of, “hand held games devices” were purchased in bulk, stripped from their cases and put behind 19″ rack fascias to give a cheap graphics terminal type interface. Doing that is still less expensive than building out “Single board Controllers”(SBCs) purchased as “Consumer Off The Shelf”(COTS) parts (especially with significant COTS price rises due to “memory chip” issues[1]).

lurker June 2, 2026 2:59 PM

Computer security used to be enforced by physical pass keys to the room where the computer was installed, and everybody inside that room (wearing white coats) knew and trusted everybody else in there. In the next story on this blog[1] @Bruce summarises what has happened since.

I take the liberty to make a small change to one of his sentences

But as computers have infused throughout our lives, and networks have connected all those computers, those aspects of cybersecurity have become increasingly [forgotten and disregarded].

Why? One aspect is the race to the bottom as inputs are minimised to maximise profits. Note that while Milspec systems are not totally immune, they demonstrate there is another way.

Can government regulation solve the problem? Not in the US where such would be regarded as poison. Europe would be more amenable to government enforcement of cybersecurity, but they are a long way down their learning curve. Even in China, where cybercriminals are taken out back and shot, cybercriminals still keep appearing.

[1] https://www.schneier.com/blog/archives/2026/06/the-intersection-of-encryption-and-ai.html

Clive Robinson June 2, 2026 9:21 PM

@ lurker, ALL,

With regards,

“Even in China, where cybercriminals are taken out back and shot, cybercriminals still keep appearing.”

The issue is not deterrence or even execution, because as long as there is sufficient incentive then people will “step into dead men’s shoes”.

In the UK this can be seen playing out with “illegal boat crossings” and attempts to hide under the “Channel Tunnel Trains”.

Put simply if you machine gunned the boats and left all on board for dead in the water, there would be another boat another night to take its place and so on.

Such behaviour is obviously unacceptable in anything approaching a civilized society, so something else has to be tried. The obvious answer is “break the risk reward” cycle not at “risk” but at “reward” that is “remove the incentive”.

But before you can “remove an incentive” you have to know what all parts of the “incentive” are, and that is all too often not as obvious as people think because of things like cognitive bias.

An example I give is “National/State lotteries”.

In the UK your odds of getting the correct numbers is about 1 in 13 million but by the time you factor in other things your payout is considerably less of what is paid in.

It’s a “fools game” yet every week people buy lottery tickets in considerable numbers…

There is nothing that you or I could say to stop them buying the tickets.

Even changing the odds dramatically won’t stop them buying tickets…

So how do you disincentivize such people?

ResearcherZero June 4, 2026 6:44 AM

@Clive Robinson

Politicians would have to incentivize people to do the right thing and make wiser choices, but this is counter to many of their objectives, interests and own behaviour. Their funding model has long taken advantage of inequality and unequal legal model. This is a driver of selfish incentives, instead of a more holistic view of society and one’s place as part of a community. Rather the current approach is driving disincentives at every level and punishing people for dedication, generosity, integrity, humility, honesty and compassion.

Some become jaded and apathetic. They may no longer see a future in service and sacrifice for little reward at the end of it. Premature retrenchment, or malicious targeting of their own enterprise by those in positions of power who believe they can take it for themselves.

This has driven wide distrust, given the comparison between the words and actions of the political class. The repeated behaviour of politicians and those in their orbit clearly demonstrates a disregard for rules and societal conventions, which sets a very bad example and sends a message to many that they can also ignore rules, laws and behavioral protocols.

Work for the government, put in a lot of effort, only to be fired and see much of that work discarded. Gutting US cyber security was incredibly stupid for a multitude of reasons.

https://arstechnica.com/tech-policy/2026/06/trumps-ai-executive-order-may-not-prevent-dangerous-deployments/
