🛡 The AI Era: Rising Number of CVE Vulnerabilities
The FIRST forecast for June 2026 predicts an increase in the number of identified CVEs to ~66,000. This is driven by the use of specialized AI agents, such as Anthropic Mythos and OpenAI GPT-5.4-Cyber, to automate bug hunting.
🌍 A shift is occurring toward a capability-triggered model. This creates a mass of "noise" vulnerabilities, which requires the implementation of AI-BOM to account for ephemeral code generated by AI.
👤 There is no need to panic over the rising statistics. It is important to focus on real exploitability (CISA KEV or EPSS > 10%) to avoid wasting resources on useless patches.
Source 1: https://www.first.org/blog/20260615-vulnerability-forecast-update