Vulnerability disclosures are piling up faster in 2026 than anyone expected at the start of the year. The running count for the first few months sits well above the original projection, and the Forum of Incident Response and Security Teams (FIRST) now expects the year to land near 66,000 CVEs.

The cause sits mostly with one development: AI tools have started hunting for software flaws on their own, and they are good at it.

“The teams that will weather the vulnerability storm of 2026 are the ones with trusted networks already in place, who are sharing intelligence and are coordinating response before any crises hit,” said Chris Gibson, CEO of FIRST.

The machines doing the hunting

Autonomous discovery agents are now part of the disclosure ecosystem. Anthropic’s Mythos, and OpenAI’s GPT-5.4-Cyber have pushed up the volume of flaws being found.

Mozilla shows what this looks like in practice. The company saw a sharp jump in early-year Firefox disclosures tied to Anthropic’s Project Glasswing, which points the Mythos Preview agent and Claude Opus 4.6 at legacy bugs in the browser engine. Mozilla engineers built a harness on top of their existing fuzzing setup, and it found and fixed 271 bugs for the Firefox 150 release. The same pattern is spreading across other projects.

Some of the rise comes from housekeeping. GitHub Security Advisories and VulnCheck have both expanded their cataloging operations and backfilled old records, which inflates the totals. The plain growth of software in the world adds to the count too, along with open source projects getting their first serious security attention.

Rain and floods

The researchers lean on a weather comparison to keep things in perspective. All the disclosures coming in are the heavy rain. The water that actually threatens to flood the house is a much smaller thing.

That smaller group covers the bugs attackers are using in the wild or the ones most likely to be exploited soon. Filter the surge down to that set, and the patching burden stays flat. Only a small slice of 2026 CVEs reach the level where defenders need to act fast, and that share has held steady through the year. The challenge sits in pulling that signal out of the noise.

A two-sided race

Defensive AI is arriving alongside the offensive kind. OpenAI’s GPT-5.4-Cyber gives defenders a counterweight to faster exploit generation, and the forecast expects offensive techniques to keep crossing over into defensive use. The defining contest for late 2026 will be the speed of AI-built exploits against the speed of AI-built patches and detection signatures.

Maintainers have a window worth using here. Faster discovery frees up effort for verifying and fixing flaws at the root, with a chance to wipe out whole categories of weakness in the development process.

The part the databases miss

AI assistants generate and deploy code on demand, creating throwaway applications that often carry flaws no CVE registry ever sees. The bugs stay off the national databases and still create real risk inside the systems that run them. We need dynamic cataloging, AI bills of materials, and runtime monitors to track these pieces as they appear.

People are the bottleneck

The constraint sits with human capacity. AI can surface more flaws than analysts can verify, coordinate, and patch, and someone still has to write the detection signatures. A dip in published counts often signals that people went on vacation or got sick, not that the internet got safer.

The advice for asset owners is to budget around the growth of software, since the spread of distinct products carrying vulnerabilities drives the workload more than the bug count does. Software vendors feel the CVE growth directly and should plan to ship more fixes per release. Teams that maintain code should brace for roughly double the work. Teams patching live systems can expect a steady load through the end of 2026.

Download: The IT and security field guide to AI adoption