
From CVE to Breach in Under an Hour

by Peter Lowe

How AI Is Closing the Window Between Disclosure and Exploitation

Software vulnerability exploitation is having a moment. A very long moment with no end anyone can accurately predict, because AI is accelerating how flaws get found and weaponized, shrinking the window from “publicly known” to “actively exploited” from months to days to hours.

Let’s talk about what’s going on.

Vulnerabilities Are Now the #1 Way In

Verizon recently released its annual Data Breach Investigations Report. The 2026 edition marks a turning point in the report’s history, showing that for the first time exploitation of vulnerabilities has overtaken credential abuse as the most common initial access vector in breaches - reaching 31% of cases, a 55% increase from last year’s 20%. Credential abuse, previously the leading vector, dropped from 22% to 13%. And the time from disclosure to active exploit has collapsed from 756 days in 2018 to roughly 10 hours in 2026, with 29% of exploited vulnerabilities now attacked before a patch even exists.

This reflects a structural shift in how attackers enter networks. Phishing and credential theft are still huge, of course – credential abuse is still 39% of breaches when counted at any stage of the attack chain – but the front door has changed. Attackers are moving up the stack toward software flaws as their preferred point of entry.

Organizations in the vulnerability space are also feeling the strain. Only 26% of the vulnerabilities in CISA’s Known Exploited Vulnerabilities Catalog were fully remediated in 2025, down from 38% the year before. Median patch time rose from 32 days to 43. And the median organization had 50% more critical flaws to deal with than the previous year.

Another example is NIST’s National Vulnerability Database (NVD), which until recently attempted to analyze and enrich every published CVE (Common Vulnerabilities and Exposures) entry. In April, however, NIST announced that because of the sheer volume of vulnerabilities being reported and the backlog that had built up, it would from now on be more selective about which CVEs it analyzes. All CVEs published before March 1st (except for those in the Known Exploited Vulnerabilities Catalog) would be classified as “not scheduled” for analysis.

Initiatives like GCVE are emerging to take some pressure off centralized NVD-style infrastructure. They have worthy goals, including collaborative naming standards, open enrichment pipelines, and geographical distribution of resources. There’s some hope here, but as with any new effort, some wrinkles still need to be ironed out.

AI as a Discovery Engine

Vulnerability discovery used to be a largely human operation: researchers, bug bounty hunters, and vendor security teams keeping up with the right mailing lists and GitHub commits. Now, however, the use of AI has fundamentally changed things.

One widely cited example came in early 2026, when Anthropic’s AI found over 500 high-severity vulnerabilities in widely used open-source software, bugs that had survived decades of expert human review. Elsewhere, some traditional open-source authors and maintainers have written about the pressure they’re now under, and bug bounties that used to pay thousands of dollars for a security hole now award only tiny amounts for issues of the same severity. HackerOne even paused bug bounties entirely while it reviews the situation.

AI as an Exploitation Engine

On the other side of the equation, AI is making exploitation significantly cheaper and less skill-intensive, while at the same time increasing attackers’ sophistication and ability.

In May 2026, Sysdig’s TRT caught the first LLM-agent-driven intrusion in the wild that I’d seen. Initial remote code execution on a notebook server, cloud credential pivot, private key retrieval from AWS Secrets Manager, and internal database dump, all in less than an hour, with no playbook. The agent just figured it out as it went.

As Sysdig’s Michael Clark put it: “We are not watching AI replace attackers. We are watching attackers replace their scripts with AI.”

The shift is one of cost and capability. Pre-built playbooks require engineering time per target, whereas an agent has a basic initial understanding of exploitation and composes its attack chain against whatever it finds. The bar to a sophisticated, adaptive intrusion is now inference budget, not expertise.

Real-World Scale: Chrome as a Case Study

Browser engines are among the most complex, most-targeted attack surfaces around. Chrome’s V8 JavaScript engine - present on billions of devices - has seen a sustained increase in high-severity CVEs, with several exploited in the wild within 24 hours of disclosure. CVE-2025-10585, a V8 flaw, was actively exploited within a day of going public. And a single recent Chrome release can ship more security fixes than the browser addressed in all of 2025.

How ZeroFox Attack Surface Intelligence Can Help

The vulnerabilities driving this shift don’t appear in a vacuum. They show up in forgotten subdomains, unpatched legacy services, orphaned applications, and third-party assets that organizations have lost track of. That’s the gap ZeroFox Attack Surface Intelligence (ASI) is built to close.

ZeroFox ASI continuously discovers and maps an organization’s external digital footprint, including assets that security teams may not know exist. Using continuous discovery across DNS records, SSL certificates, IP allocations, cloud metadata, GitHub references, and favicon hashes, it surfaces the same exposed infrastructure that attackers scan for the moment a CVE drops. See it for yourself with a personalized demo.

Peter Lowe

Peter is our Threat Research Lead in the Signals Research Program at ZeroFox, working on ways to improve our disruption efforts and coverage of the threat research landscape. Peter’s career spans over 30 years, and he currently acts as the DNS Abuse Ambassador for the Forum of Incident Response and Security Teams (FIRST) as well as the co-chair of the DNS Abuse SIG. In his spare time, he runs one of the most popular blocklists for ads and trackers, and is active across a range of industry groups and efforts.
