AI-Generated Code CVEs Surge 6x in Three Months: 35 Disclosed in March 2026
Infosecurity Magazine·high signal
At least 35 new CVE entries disclosed in March 2026 were directly traced to AI-generated code, up from 6 in January and 15 in February—a 6x surge in 90 days. Georgia Tech's SSLab tracks these via the 'Vibe Security Radar' project launched May 2025. Separately, researchers analyzed 30,000+ MCP skills and found over 25% contained at least one vulnerability.