AI Discovered Twelve New Vulnerabilities in OpenSSL – Cyber Tech
AI Discovered Twelve New Vulnerabilities in OpenSSL
The title of the submit is”What AI Safety Analysis Appears to be like Like When It Works,” and I agree:
Within the newest OpenSSL safety launch> on January 27, 2026, twelve new zero-day vulnerabilities (which means unknown to the maintainers at time of disclosure) had been introduced. Our AI system is liable for the unique discovery of all twelve, every discovered and responsibly disclosed to the OpenSSL staff throughout the fall and winter of 2025. Of these, 10 had been assigned CVE-2025 identifiers and a pair of obtained CVE-2026 identifiers. Including the ten to the three we already discovered within the Fall 2025 launch, AISLE is credited for surfacing 13 of 14 OpenSSL CVEs assigned in 2025, and 15 whole throughout each releases. It is a traditionally uncommon focus for any single analysis staff, not to mention an AI-driven one.
These weren’t trivial findings both. They included CVE-2025-15467, a stack buffer overflow in CMS message parsing that’s probably remotely exploitable with out legitimate key materials, and exploits for which have been shortly developed on-line. OpenSSL rated it HIGH severity; NIST‘s CVSS v3 rating is 9.8 out of 10 (CRITICAL, a particularly uncommon severity score for such tasks). Three of the bugs had been current since 1998-2000, for over 1 / 4 century having been missed by intense machine and human effort alike. One predated OpenSSL itself, inherited from Eric Younger’s unique SSLeay implementation within the Nineties. All of this in a codebase that has been fuzzed for thousands and thousands of CPU-hours and audited extensively for over twenty years by groups together with Google’s.
In 5 of the twelve instances, our AI system instantly proposed the patches that had been accepted into the official launch.
AI vulnerability discovering is altering cybersecurity, quicker than anticipated. This functionality will likely be utilized by each offense and protection.
Extra.
Posted on February 18, 2026 at 7:03 AM •
19 Feedback
Kyndryl bets on partnerships, consulting arm to redeem itself – Cyber Tech
E mail Safety in Workplace 365 – Munio – Cyber Tech
AWS Patches Crucial ‘FlowFixation’ Bug in Airflow Service to Forestall Session Hijacking – Cyber Tech
About The Author
admin
Azeem Rajpoot, the author behind This Blog, is a passionate tech enthusiast with a keen interest in exploring and sharing insights about the rapidly evolving world of technology. With a background in Blogging, Azeem Rajpoot brings a unique perspective to the blog, offering in-depth analyses, reviews, and thought-provoking articles. Committed to making technology accessible to all, Azeem strives to deliver content that not only keeps readers informed about the latest trends but also sparks curiosity and discussions. Follow Azeem on this exciting tech journey to stay updated and inspired.
