The Tool That Writes Your Code Is Also Writing Its Bugs
February 27, 2026 by Asif Waliuddin
The Tool That Writes Your Code Is Also Writing Its Bugs
I should disclose something upfront: the content pipeline that produced this article runs on Claude Code. It is an agentic system -- multiple Claude Code agents orchestrating each other to analyze reports, score insights, and generate drafts. I built it that way deliberately. I believe in the architecture.
Last week, Check Point Research published two CVEs for Claude Code: CVE-2025-59536 and CVE-2026-21852. Remote code execution. API key exfiltration. The attack vector was malicious Hooks and MCP servers embedded in untrusted repository project files. Open a compromised repo, and the AI coding tool executing commands on your machine could be weaponized against you.
Both vulnerabilities have been patched. Anthropic responded appropriately. That is not the story.
The story is that the tool I use to build production systems -- the tool that millions of developers trust to write, review, and execute code on their behalf -- had critical remote code execution flaws. Not in the code it generated. In itself. The AI coding assistant was the vulnerability.
That is one data point. Here are seven more, all from independent research published in the last two weeks. They tell a story that the "ship faster with AI" narrative does not want you to hear.
The Hype
You know this narrative. You have probably repeated it in a board deck or a planning meeting. AI coding assistants make developers 10x more productive. Copilot writes 40% of the code. AI is the biggest productivity unlock since the cloud. Every company needs an AI coding strategy or they will be left behind.
The implicit assumption: the code AI writes is at least as good as what humans write. Maybe it needs a review pass. Maybe it has some rough edges. But the velocity gain is so large that any quality delta is worth the trade-off.
That assumption is wrong. Not slightly wrong. Measurably, quantifiably, dangerously wrong.
The Reality
2.74x More Vulnerabilities
Multiple independent studies converge on the same finding: AI-generated code contains 2.74 times more exploitable vulnerabilities than human-written code. Between 40% and 62% of AI-generated code contains exploitable flaws -- SQL injection, buffer overflows, cross-site scripting, missing input validation.
This is from SoftwareSeni and Cycode research analyzing real-world AI-generated codebases, not synthetic benchmarks. These are the kinds of vulnerabilities that show up in production, get exploited, and end up in breach disclosures.
Net Negative Security Posture
Veracode analyzed 1.6 million applications and reached a conclusion that should stop every CTO mid-sentence: AI-driven development creates new vulnerabilities faster than teams can remediate them.
Read that again. Not "creates some new vulnerabilities that need attention." Creates them faster than they can be fixed. Net negative. The tool your team adopted to move faster is generating security debt faster than your organization can service it.
This is exactly what compound interest looks like when it works against you. Every sprint that ships AI-generated code adds to a backlog that grows faster than it shrinks. The velocity is real. The velocity is the problem.
Architectural Flaws, Not Surface Bugs
If the vulnerability profile were limited to missing input sanitization and insecure string concatenation, you could argue that better linting and static analysis would close the gap. The data says otherwise.
AI-generated code introduces 322% more privilege escalation paths and 153% more design-level flaws compared to human-written equivalents. These are not surface-level bugs that Semgrep catches in a pre-commit hook. These are architectural weaknesses -- the kinds of flaws that are baked into the structure of the code at generation time and require significant refactoring to remediate.
A privilege escalation path is not a typo. It is a design decision that the model made because it learned from training data where authorization was handled poorly, and it reproduced that pattern. The model does not understand authorization. It understands token sequences. And the token sequences it learned include a lot of insecure authorization patterns.
Your AI Is Leaking Your Secrets
Here is a finding that should make every infrastructure team immediately audit their AI-generated code: AI coding assistants produce 40% more hardcoded API keys, passwords, and tokens compared to human code. Azure API key exposure specifically doubled.
The mechanism is straightforward and almost elegant in its stupidity. The models learned from training data that contained hardcoded secrets. They internalized the pattern. Now they reproduce it. Your AI assistant learned from code with credentials in it, and it is putting them back into yours.
This is not a hallucination problem. It is worse. The model is doing exactly what it was trained to do -- reproduce common patterns -- and common patterns include security anti-patterns.
The Ecosystem Multiplier
This is not limited to your codebase. Black Duck found that open-source vulnerabilities have doubled, driven primarily by AI-accelerated code contribution volume. The same dynamics that are inflating vulnerability counts in your internal repositories are operating across the open-source ecosystem that your applications depend on.
Every library you pull in, every dependency you update, every package you trust because it has a high star count -- the code contributing to those projects is increasingly AI-generated, and it carries the same 2.74x vulnerability multiplier. Your supply chain is being poisoned at the source.
10,000 New Findings Per Month at Fortune 50
Apiiro data shows that by mid-2025, Fortune 50 companies were generating 10,000 or more new security findings per month directly attributable to AI-generated code. These are the most well-resourced organizations in the world. The best security teams. The most mature AppSec programs. And they are drowning.
If Fortune 50 firms with dedicated security engineering organizations cannot keep pace with AI-generated vulnerability volume, the question for everyone else is not "how do we manage this?" It is "do we even know the size of the problem we have?"
The Attacker Advantage
Here is where the math turns adversarial. The same AI capabilities that help your developers write code faster are helping attackers weaponize vulnerabilities faster. Veracode and Cycode data show that AI-assisted exploit development reduces the time from vulnerability discovery to working exploit by 90%.
The window is compressing from both sides. You are shipping 2.74x more vulnerabilities per deployment. Attackers are exploiting them in one-tenth the time. The gap between "vulnerability introduced" and "vulnerability exploited" is narrowing faster than any remediation process can compensate for.
What This Means
I have been writing about the Last Mile Thesis for months now: the real problem in AI is not building demos, it is production deployment. The gap between "it works in a notebook" and "it works in production, reliably, at scale, without breaking things" is where most AI initiatives die.
Security is the Last Mile problem that the AI hype cycle does not want to talk about. Because it directly contradicts the velocity narrative. You cannot simultaneously claim that AI makes development faster and ignore that it makes development less secure. The speed and the risk are the same phenomenon. They come from the same source. They scale together.
The responsible path forward is not to stop using AI coding tools. That ship has sailed, and the tools genuinely have value. The responsible path is to treat AI-generated code as untrusted code -- because the data says it is.
That means pre-commit scanning for secrets and injection flaws. CI/CD gates with dependency checks and privilege escalation analysis. Mandatory human review for any AI-generated code that touches authentication, authorization, or data access. AI-specific rules in your SAST tooling. And an honest accounting of whether the velocity gain survives after you add the security overhead required to ship AI-generated code safely.
My guess: for most teams, the net productivity gain after proper security gates is real but significantly smaller than the headline number. And for some teams -- the ones shipping AI-generated code without additional security controls -- the productivity gain is negative once you account for the remediation debt accumulating in their backlog.
The Bottom Line
I use Claude Code every day. I built a production pipeline on it. Last week it had two critical RCE vulnerabilities. That does not make me want to stop using it. It makes me want to be clear-eyed about what I am using.
AI-generated code has 2.74x more vulnerabilities than human code. Veracode says AI development is net-negative for security across 1.6 million applications. Fortune 50 companies are generating 10,000 new findings a month from AI code. And attackers are weaponizing vulnerabilities 90% faster with the same AI tools.
These are not opinions. These are measurements from independent researchers analyzing real-world codebases at scale.
The tool that writes your code is also writing its bugs. The question is whether you are accounting for that, or whether you are just counting the velocity and hoping the security team catches up.
They are not catching up. The data is very clear about that.