Your AI Coding Assistant Doubled Your Vulnerability Surface
Black Duck's 2026 OSSRA audited 947 codebases and found the mean vulnerability count jumped 107% to 581 per application. This is not a scanner artifact. It is the direct operational cost of AI-assisted development, and it compounds with every line of AI-generated code you ship.
The Number That Should Reset Your Security Budget
One number from Black Duck's 2026 Open Source Security and Risk Analysis report deserves immediate attention: based on audits of 947 commercial codebases spanning 17 industries, the average number of open-source vulnerabilities embedded in an application rose 107%, reaching 581 per codebase. The prior year baseline was 280. That doubling happened in twelve months, coinciding with mass adoption of AI coding assistants.
This is not a story about a new attack vector or zero-day. It is a story about how quickly vulnerability debt now accumulates, driven by tooling most organizations already use and cannot easily abandon.
What Is Actually Happening in the Codebase
AI accelerates the pace of development and the rate at which new dependencies are added to codebases. AI is more likely to suggest popular, well-established open-source libraries with more documented vulnerabilities due to their widespread use and scrutiny.
AI models optimize for completion probability, not security. They suggest the most statistically likely next token from training data drawn from public repositories—repositories carrying years of accumulated vulnerability debt. Developers accept the suggestion. The dependency lands in the tree. The vulnerability count rises.
The mean number of files per codebase grew 74% year-over-year, while the average number of open source components increased 30%. This file and component growth tracks AI-accelerated development. More code, faster, with less per-line scrutiny.
Mean vulnerabilities more than doubled from 280 to 581, while components per application grew 30%. Component growth alone cannot explain a 107% vulnerability jump. The gap reflects the security-naive quality of AI suggestions.
Mean vs. Median: Which Number Matters
Codebases contained 581 mean vulnerabilities and 237 unique vulnerabilities in 2025, with the maximum in a single codebase reaching 38,998. The median was 78, a 32% increase from the prior year.
The mean gets pulled hard by outlier codebases. The median increase of 32% is the more relevant figure for mid-sized organizations. Neither is acceptable. Despite the overall increase in vulnerabilities, the share of codebases containing high-severity and critical vulnerabilities actually decreased, by 3 and 4 percentage points respectively, but critical vulnerabilities were still found in 44% of codebases and high-severity flaws in 78%.
Nearly half of all audited codebases carry at least one critical vulnerability.
Developer Confidence Outpaces Reality
The vulnerability count is only part of the problem. Developer psychology around AI output compounds it. Nearly 80% of developers believe AI tools generate more secure code than humans write, a belief that contradicts empirical findings across nearly every systematic study.
A controlled user study found that developers using GitHub Copilot were more likely to submit insecure code than those coding without AI assistance, and expressed greater confidence in their submissions despite the vulnerabilities. The tools appear to generate a false sense of assurance that suppresses the critical review developers would otherwise apply.
Faster code generation plus reduced review scrutiny plus AI-suggested popular-but-vulnerable dependencies creates a cycle of accelerating vulnerability accumulation. Only 24% of organizations perform comprehensive IP, license, security, and quality evaluations of AI-generated code.
The Supply Chain Does Not Respect Boundaries
The explosion of AI-assisted development has fundamentally altered the risk landscape for software and the baseline for compliance with new regulatory initiatives such as the EU Cyber Resilience Act and DORA. Real-world attack data underscores the urgency: 65% of organizations Black Duck surveyed in 2025 reported experiencing a software supply chain attack in the past year.
Organizations that have controlled their own AI usage still face exposure. If an upstream open source project accepts AI-generated contributions, downstream consumers inherit any vulnerability debt those contributions carry. 90% of audited codebases contain open source components more than four years out of date. Stale dependencies combined with accelerating introduction of new vulnerabilities create a compounding surface.
AI-generated code also creates new IP and license risks, as models may reproduce code governed by restrictive licenses like GPL and AGPL. The 2026 OSSRA report finds that two-thirds of audited codebases contain license conflicts, the highest rate in OSSRA history.
The Real Choices
57% of organizations are already using AI-powered coding assistants, while 76% of companies that prohibit their developers from using AI coding assistants acknowledge they are being used anyway. The prohibition path is closed.
Organizations face three options: accept expanding vulnerability overhead, upgrade scanning and triage capacity to match AI generation velocity, or mandate security gates for AI-generated code before merge.
Only the third addresses the root cause. The second without the third is pure cost: more scanner alerts, more triage hours, same vulnerability introduction rate.
The scale problem compounds this. As one security practitioner noted, organizations have become very good at finding issues. They are not nearly as good at fixing them at scale. Reducing vulnerabilities requires shifting from alert generation to automated, policy-aligned remediation. Teams with mature SBOM pipelines and automated remediation will absorb this shift cheaply. Teams running manual triage will face a backlog they cannot clear.
The irony is sharp: vendors building automated vulnerability remediation on top of the same AI stack generating the vulnerabilities will find a captive market.
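The merge-gate and policy-aligned remediation option described above, as an added example that is not from the OSSRA report or any Black Duck tooling: a gate evaluates a constructed dependency scan, blocks the merge on critical and high findings, flags components more than four years old, and emits an upgrade-or-triage action per component rather than a bare alert list. The report schema, component names, dates and VULN-PLACEHOLDER ids are assumptions made for this example.

```python
from datetime import date

# Constructed scan output for illustration. The schema, component names,
# dates and VULN-PLACEHOLDER ids are assumptions of this example, not the
# output of any real scanner or of the OSSRA report.
SCAN_REPORT = {
    "scanned_on": "2026-03-01",
    "components": [
        {"name": "libparse", "version": "2.1.0", "released": "2019-01-15",
         "findings": [{"id": "VULN-PLACEHOLDER-1", "severity": "CRITICAL", "fixed_in": "2.4.3"}]},
        {"name": "httpkit", "version": "0.9.2", "released": "2025-08-20",
         "findings": [{"id": "VULN-PLACEHOLDER-2", "severity": "HIGH", "fixed_in": None}]},
        {"name": "fmtlib", "version": "4.0.0", "released": "2025-11-02",
         "findings": [{"id": "VULN-PLACEHOLDER-3", "severity": "MEDIUM", "fixed_in": "4.0.1"}]},
        {"name": "oldutil", "version": "1.0.0", "released": "2020-06-30", "findings": []},
    ],
}

BLOCKING_SEVERITIES = {"CRITICAL", "HIGH"}  # policy: these severities fail the merge gate
MAX_COMPONENT_AGE_DAYS = 4 * 365            # mirrors the "more than four years out of date" threshold


def _version_key(v):
    """Sort key so '2.10.0' orders after '2.4.3' (numeric, not lexical)."""
    return tuple(int(part) for part in v.split("."))


def evaluate_merge_gate(report, blocking=BLOCKING_SEVERITIES, max_age_days=MAX_COMPONENT_AGE_DAYS):
    """Return a merge decision plus a remediation plan; stale components are reported, not blocking."""
    scanned_on = date.fromisoformat(report["scanned_on"])
    blocking_ids, plan, stale = [], [], []
    for comp in report["components"]:
        age_days = (scanned_on - date.fromisoformat(comp["released"])).days
        if age_days > max_age_days:
            stale.append(comp["name"])
        hits = [f for f in comp["findings"] if f["severity"] in blocking]
        if not hits:
            continue
        blocking_ids.extend(f["id"] for f in hits)
        fixes = [f["fixed_in"] for f in hits if f["fixed_in"]]
        if len(fixes) == len(hits):
            # every blocking finding has an upstream fix; the highest fixed version covers all of them
            action = "upgrade to " + max(fixes, key=_version_key)
        else:
            action = "no upstream fix: triage or replace"
        plan.append({"component": comp["name"], "current": comp["version"], "action": action})
    return {"merge_allowed": not blocking_ids, "blocking": blocking_ids,
            "remediation": plan, "stale": stale}
```

Wiring this into CI means failing the job whenever `merge_allowed` is false and attaching the `remediation` list to the pull request, so the developer sees an action rather than a count.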
What to Watch
- CI/CD gate mandates (next 6 months): Watch whether enterprises require AI-code-specific security scanning as a hard merge gate rather than advisory. The first Fortune 500 engineering mandate sets precedent.
- OSSRA 2027 baseline (12 months): If mean vulnerabilities per codebase continue at current compounding rates, 581 will look conservative. Track the median trajectory as the cleaner signal.
- Regulatory enforcement (6-18 months): The EU Cyber Resilience Act and DORA explicitly frame AI-assisted development as a changed risk baseline. Compliance teams will need documented AI code review processes.
- Open source contribution policies: Monitor whether major foundations adopt formal AI-generation disclosure requirements for pull requests. That governance shift directly affects vulnerability debt flow into shared dependencies.
- Insurance repricing: Cyber insurers have the Black Duck data. Premium adjustments for organizations without documented AI code security controls are certain, not speculative.