AI Patch Gap: Enterprise Security Implications and Why It Matters
Open-source maintainers face a growing challenge as AI-driven vulnerability detection outpaces their ability to address issues, creating a critical patch gap for enterprises.
The AI patch gap and open-source maintainers
Open-source maintainers are facing an increasing challenge as the volume of vulnerability reports surpasses their capacity to address them, with a significant portion now originating from AI systems operating at machine speed.
The study by Tuskira
Over a two-month period this spring, an AI system developed by Anthropic, Claude Mythos Preview, analyzed more than 23,000 open-source code paths and directed verified findings to the relevant project maintainers. A study conducted by Tuskira examined the handling of these findings once they reached human reviewers.
Vulnerability validation and severity classification
The AI identified 1,596 confirmed vulnerabilities across hundreds of projects within a nine-week timeframe. Six external security firms reviewed the findings before they were shared with maintainers, and the results withstood scrutiny. Independent assessments by these firms confirmed a true-positive rate of 90.8% for the subset they evaluated, indicating the validity of the reported issues.
Tuskira quantifies this disparity as a 16.5-to-1 ratio, labeling the growing backlog the vulnerability deficit.
The patch gap and remediation delays
Anthropic highlights confirmed true positives as one metric of impact but emphasizes patch counts as a more reliable indicator of long-term resolution. The primary issue arises after vulnerabilities are disclosed. The AI identified approximately 25 verified vulnerabilities per day, yet the rate of applied fixes averaged just 1.5 per day.
Challenges in enterprise remediation
Maintainers demonstrate responsiveness, with the median acknowledgment time for reports occurring within a fifth of a day. However, acknowledgment and actual remediation remain far apart. Only 6% of disclosed vulnerabilities had an upstream patch available at the time of disclosure, a figure considered a lower bound as some maintainers release fixes discreetly.
Risks of deploying patches
Deploying patches also introduces risks. A fix for a memory-safety issue can alter timing behaviors, stricter input validation may block previously accepted payloads, and dependency upgrades can trigger cascading version changes. Validation for standard language packages typically takes two to six weeks, with longer periods required for embedded, cryptographic, or regulated components.
Propagation of vulnerabilities
A single upstream vulnerability often affects multiple downstream components. For example, a flaw in ImageMagick can propagate to 18 or more package variants, with source-only fixes distributed across numerous feeds. The critical metric for defenders is every affected instance in production, which exceeds the upstream count.
Tuskira’s decision-making framework
Tuskira’s approach reframes patching as a decision-making process, centered on four key questions: whether the vulnerable code path is active in production, who has access to the exposed instance, whether the environment shows signs of active exploitation, and whether existing controls already mitigate the risk.
Future implications of AI-driven discovery
OSS-Fuzz documented over 13,000 vulnerabilities across nine years, while the AI system achieved a significant portion of this in a fraction of the time. As more AI-driven discovery efforts emerge, the pace of vulnerability identification across the ecosystem is expected to rise further. The current CVE feed lags behind real-time developments, with actionable signals appearing earlier in upstream commits, transparency-log changes, and security firm advisories.
