What the AI Patch Gap Means for Enterprise Security
Help Net Security, Thursday, July 2nd, 2026
AI vulnerability discovery is outpacing human remediation, creating a growing patch backlog that threatens enterprises.
Anthropic's Claude Mythos Preview identified 1,596 verified vulnerabilities across hundreds of open-source projects over nine weeks, with a 90.8% true-positive rate.
Vulnerabilities are found at roughly 25 per day while repairs occur at only 1.5 daily, a 16.5-to-1 deficit.
Median acknowledgment takes about five hours, but patch deployment spans three to five months once advisories, scanner updates, and validation are factored in. Only 6% of findings had upstream patches at the snapshot date.
The authors recommend prioritizing findings by production exposure, accessibility, active exploitation, and existing controls so teams can operate at discovery cadence.