ACCORDING to Infosecurity Magazine, AI-assisted coding tools such as Claude Code and GitHub Copilot are being linked to a wave of new vulnerabilities, with at least 35 CVE entries in March 2026 directly resulting from AI-generated code. The Vibe Security Radar, started in May 2025 by Georgia Tech’s Systems Software & Security Lab, is tracking vulnerabilities introduced by these tools across public advisories, with 74 CVEs confirmed as AI-tool–related, and Claude Code accounting for the most.
Zhao said the real number of AI-induced flaws is likely higher, estimating five to ten times the current detections in open-source projects, roughly 400 to 700 cases. The researchers use public vulnerability databases to trace the commit history and flag AI tool signatures, while noting that inline Copilot suggestions often leave no trace. They also observed that Claude Code has left a detectable signature in many cases, partly due to its ubiquitous usage in the software development community.