Dark background graphic with headline '45% of AI-Generated Code Has Security Flaws' in white DM Sans font with teal accent bar, showing a simplified code block with red vulnerability markers, SMB Accelerators branding in footer

45% of AI-Generated Code Has Security Flaws. Your Review Process Wasn't Built for This.

April 05, 20268 min read
Custom HTML/CSS/JAVASCRIPT

Nearly half of all code produced by AI coding assistants fails basic security tests. That's not a projection; it's the finding from Veracode's 2025 GenAI Code Security Report, which tested over 100 large language models across four programming languages and found that 45% of AI-generated code samples introduced OWASP Top 10 vulnerabilities. Cross-site scripting alone had an 86% failure rate.

The number has been independently corroborated. AppSec Santa's 2026 study tested 534 code samples across six major LLMs and found a 25.1% confirmed vulnerability rate against the OWASP Top 10. Meanwhile, researchers at Georgia Tech's Systems Software & Security Lab have been tracking CVEs directly attributable to AI coding tools through their Vibe Security Radar project — and the numbers are accelerating. In March 2026 alone, 35 new CVEs were disclosed that traced back to AI-generated code, up from just six in January.

The problem isn't that AI can't write code. It's that AI writes code without a security context, and most organizations review that code using processes designed for a fundamentally different threat model.

How bad is the data, actually?

The security findings cluster around a few consistent patterns, and the convergence across independent studies is what makes them hard to dismiss.

Veracode's analysis found that AI-generated code contains 2.74 times more vulnerabilities than human-written code across controlled benchmarks in Java, JavaScript, Python, and C#. Java was the worst performer, with a 72% security failure rate for AI-generated samples. Apiiro's independent research across Fortune 50 enterprises found 322% more privilege escalation paths, 153% more design flaws, and a 40% increase in secrets exposure in AI-generated code compared to human baselines.

The secrets problem is its own category. GitGuardian's 2026 State of Secrets Sprawl report found that AI-assisted commits on GitHub leaked credentials at roughly double the baseline rate — 3.2% versus 1.5% for all public commits in 2025. At peak in August 2025, Claude Code-assisted commits reached 31 leaked secrets per 1,000 commits, about 2.4 times the human baseline. And across the broader ecosystem, 28.65 million new hardcoded secrets were detected in public GitHub commits in 2025, a 34% year-over-year increase.

Black Duck's 2026 OSSRA report showed that the mean number of vulnerabilities per codebase jumped 107% year over year. Aikido Security's production data indicates AI-generated code now accounts for roughly one in five enterprise security breaches.

These aren't edge cases. This is the baseline.

Why does AI-generated code fail differently than human code?

Human developers write insecure code, too — that's not new. What's different is how AI introduces vulnerabilities and why traditional detection methods miss them.

The Cloud Security Alliance's analysis of AI coding assistant risks identifies three root causes. First, LLMs learn by pattern-matching against public code repositories, and if insecure patterns appear frequently in training data — like string-concatenated SQL queries — the model will reproduce them confidently. Second, AI tools generate code without understanding the application's risk model, internal standards, or threat landscape. An AI assistant tasked with building an API endpoint will deliver one that accepts input without validation, sanitization, or authorization — because the prompt never said it needed to. Third, the most dangerous flaws don't look like flaws. They emerge in logic gaps, edge cases, and missing protections that the AI never considered because it lacks semantic understanding of the broader system.

Ox Security's 2025 analysis of more than 300 repositories identified ten recurring anti-patterns present in 80–100% of AI-generated code, including incomplete error handling, weak concurrency management, and inconsistent architecture. Their assessment: AI-generated code is "highly functional but systematically lacking in architectural judgment."

Trend Micro's March 2026 analysis adds a structural dimension. When code is generated from prompts, accountability disperses. The person who wrote the prompt, the model that produced the output, the engineer who reviewed it, and the team that owns the service may all be different people. Institutional knowledge erodes quickly. Nobody wrote the code line by line, so nobody can explain it when something breaks. What should be a straightforward fix requires reconstructing intent across multiple layers of abstraction, and security fixes that demand architectural understanding become disproportionately expensive.

Why don't existing review processes catch it?

Because they were designed for human-authored code arriving at human speed.

A 2025 study by METR (Measurable Empirical Research Team) found a 39–44% gap between perceived and actual developer productivity when using AI tools. The results were counterintuitive: measured task completion was actually 19% slower with AI assistance, even though developers reported feeling about 20% more productive. The researchers attribute the gap to two well-documented cognitive biases. Automation bias leads developers to accept AI output with less scrutiny than they'd apply to their own code. The effort heuristic causes them to equate less typing with less total work — overlooking the verification, debugging, and integration effort that AI-generated code still requires. Two cognitive biases explain the gap: automation bias (overtrusting automated output) and the effort heuristic (mistaking less typing for less work).

Developer trust tells the same story from the other direction. Stack Overflow's 2025 developer survey found that 84% of developers use or plan to use AI coding tools, but only 29% trust the accuracy of AI-generated results - down 11 percentage points from 2024. Adoption is rising while trust is falling. That's not a confidence dip. That's developers encountering, at scale, what the security data already shows.

CodeRabbit's December 2025 analysis of 470 open-source GitHub pull requests found that AI-co-authored code had approximately 1.7 times as many major issues as human-written code, with elevated rates of logic errors, misconfigurations (75% more common), and security vulnerabilities (2.74x higher). The code looks finished. It runs. It passes basic tests. But the review process that catches a junior developer's SQL injection doesn't catch an AI's confidently generated authentication bypass because the surrounding code looks polished enough to pass a scan.

What does governance for AI-generated code actually look like?

Not more scanners. Not slower pipelines. Structure.

NIST's SP 800-218A extends the Secure Software Development Framework specifically to address AI-generated and AI-assisted code. The OpenSSF's Security-Focused Guide for AI Code Assistant Instructions provides concrete implementation guidance for organizations integrating AI coding tools into secure development workflows.

The frameworks converge on a common set of requirements: treat AI-generated code as untrusted input. Enforce security reviews structurally, rather than leaving it to individual developers to decide whether a given block of AI output needs closer inspection. Separate high-risk code paths (authentication, encryption, payment processing, data sanitization) from areas where AI generation carries lower risk. Track what percentage of the codebase is AI-generated so testing effort can be scoped accordingly.

Gartner's prediction makes the stakes explicit: by 2028, prompt-to-app approaches will increase software defects by 2,500%, triggering a software quality and reliability crisis. That's not inevitable. It's the outcome for organizations that skip the architectural checkpoints, human reviews, and governance frameworks that the data already says are necessary.

The structured methodology gap

The security tooling market is responding with more scanners, more dashboards, more alerts. That addresses detection. It doesn't address the structural problem: AI-generated code lacks the architectural judgment, threat modeling, and contextual awareness that experienced engineers apply by default.

This is the gap that ARKAVUS-Dev™ is designed to fill — not as another scanning layer, but as a structured methodology that embeds governance, quality gates, and architectural constraints into the development process itself. ARKAVUS-Dev was used to build ERIGO-OS™, our runtime governance engine for AI agents, and to build the ARKAVUS platform itself. The methodology is the product, and the product is the proof.

The question for engineering leaders isn't whether AI coding tools introduce risk. The data on that is settled. The question is whether your development process has the structural controls to absorb that risk at the speed at which AI generates code.

If the answer requires you to pause and think about it, it's probably no.


Brian Morgan is the Founder & CEO of SMB Accelerators, Inc. and the architect of the ERIGO platform — an integrated governance, assessment, and runtime enforcement system for AI in federal and enterprise environments. He brings 20+ years of federal IT leadership including IT Director at the VA ($100M+ budget, ~300 staff) and senior positions at ManTech, Perspecta, and Agile Six. He is a published AMIA author, 2011 EHR Game Changer Award recipient, and holds FEAC CEA and FAC P/PM Senior credentials.

Explore ERIGO-OS → · Explore ERIGO-AI → · Book a call →


Sources

  1. Veracode, "2025 GenAI Code Security Report," September 2025 — veracode.com

  2. Georgia Tech SSLab, "Vibe Security Radar," ongoing (March 2026 data) — infosecurity-magazine.com

  3. AppSec Santa, "2026 AI-Generated Code Security Study," March 2026 — paperclipped.de

  4. GitGuardian, "2026 State of Secrets Sprawl Report," March 2026 — thehackernews.com

  5. SoftwareSeni / Veracode / Apiiro data summary, February 2026 — softwareseni.com

  6. Cloud Security Alliance, "Understanding Security Risks in AI-Generated Code," July 2025 — cloudsecurityalliance.org

  7. Ox Security, "Army of Juniors: The AI Code Security Crisis," October 2025 — infoq.com

  8. Trend Micro, "The Real Risk of Vibecoding," March 2026 — trendmicro.com

  9. METR, "AI Developer Productivity Study," 2025 — codebridge.tech

  10. Stack Overflow, "Closing the Developer AI Trust Gap," February 2026 — stackoverflow.blog

  11. CodeRabbit, "Open-Source AI Code Quality Analysis," December 2025 — via Wikipedia/Vibe coding

  12. NIST, "SP 800-218A: Secure Software Development Practices for Generative AI," 2025 — nvlpubs.nist.gov

  13. OpenSSF, "Security-Focused Guide for AI Code Assistant Instructions," 2025 — best.openssf.org

  14. Gartner, "Predicts 2026: AI Potential and Risks Emerge in Software Engineering Technologies," December 2025 — armorcode.com

  15. Black Duck, "2026 OSSRA Report," 2026 — via paperclipped.de

Back to Blog