Open-source and commercial AI models have made a dramatic leap in their ability to find and exploit software vulnerabilities, according to new research from cybersecurity firm Forescout. Just nine months ago, only three AI models could produce working exploits; today, more than half of the models tested can do so autonomously. The findings reveal a significant shift in the AI security landscape, with implications for how organizations must now approach vulnerability management and patching strategies .

How Quickly Have AI Models Improved at Finding Vulnerabilities?

Forescout tested fifty different AI models, including commercial systems, open-source models, and underground variants developed outside mainstream institutions . The results showed a striking evolution in just nine months. Last summer, the firm found that 93% of models could not complete any exploit development tasks. By the time of the follow-up assessment, every model tested could handle basic vulnerability research, and 55% could produce functional exploits without requiring complex instructions from users .

The most capable performers included Claude Opus 4.6 and Moonshot AI's open-source Kimi K2.5, both of which were grouped among models that could "find and exploit vulnerabilities without complex prompts" from operators . Google's Gemini 2.5 Pro Experimental and Gemini 3 Pro Preview also demonstrated strong capabilities, though with less consistency. OpenAI's ChatGPT o3-mini-high performed similarly, while some models like Deepseek-R1-Qwen-32B and Qwen2.5-72B-Instruct showed poor performance across the board .

The research team used single prompts combined with the open-source RAPTOR agentic framework and Forescout's own extensions to evaluate the models. In the process, they discovered four new zero-day vulnerabilities in OpenNDS, a portal system used to control access on public and semi-public Wi-Fi networks .

Why Is Accessibility a Major Concern for Security Professionals?

One of the most troubling findings is that the most dangerous models are not necessarily the most expensive or difficult to access. While Claude Opus 4.6 requires up to $25 per million output tokens to run, making it costly for large-scale attacks, Moonshot AI's Kimi K2.5 offers a more accessible alternative . The model's top paid tier costs only $159 per month, and because it is open-weight and open-source, users with adequate hardware can run it for free .

This accessibility has already caught the attention of threat actors. Forescout observed a notable shift in how cybercriminals are organizing around these tools. "Previously, underground forums featured advertisements for poorly performing underground AI models. Now, threat actors are more often sharing jailbreaks and adopting commercial or open-source models," the firm stated . The researchers added that experienced members in these communities are now coaching newcomers on how to use these tools effectively .

Forescout

How Should Organizations Respond to AI-Powered Vulnerability Threats?

• Accelerate Patching Timelines: Organizations can no longer rely on months-long coordinated disclosure processes. With AI capable of finding and exploiting vulnerabilities rapidly, security teams must prioritize patching affected systems immediately upon discovery.
• Expand Coverage Beyond Core Systems: Edge devices, operational technology (OT), and Internet of Things (IoT) devices are often overlooked and left unpatched. These systems are now vulnerable to AI-assisted attacks and must be included in vulnerability management strategies.
• Shift Focus to Impact Assessment and Risk Control: Finding vulnerabilities is no longer the hardest problem. Organizations must now develop capabilities to prioritize findings, understand the impact of discovered vulnerabilities, and apply controls to reduce risk across their environments.

Forescout emphasized that security professionals must fundamentally change their assumptions about their environments. "We are entering a new phase of vulnerability research and of cybersecurity more broadly, in which finding and exploiting vulnerabilities are no longer the only challenges," the researchers concluded . "The harder problem is what comes next: how to prioritise findings, patch affected systems, understand impact, and apply controls to reduce risk" .

Forescout

The speed at which AI can now identify and exploit vulnerabilities has compressed the traditional timeline for security response. What once took human researchers weeks or months to discover and weaponize can now happen in hours or minutes with the right AI model and prompts. This fundamental shift means that organizations must assume their environments contain vulnerabilities that AI will quickly find, and they must be prepared to respond at machine speed rather than human speed .

The research serves as a wake-up call for the cybersecurity industry. As AI models continue to improve in their reasoning and coding capabilities, the gap between vulnerability discovery and exploitation will only narrow further. Organizations that do not adapt their security practices to account for AI-assisted attacks risk finding themselves compromised before they even know a vulnerability exists.