We're at an inflection point in the history of vulnerability research. For most of that history, the discovery side was human-only: researchers, auditors, and occasionally automated fuzzers. AI is now a genuine participant. This is a log of the cases where that participation was documented and significant.
Google Project Big Sleep — SQLite buffer overflow (Oct 2024): The first publicly confirmed case of an AI agent discovering a previously unknown vulnerability in widely-deployed open-source software. A stack buffer overflow in SQLite's JDBC driver, found through agent-based code reasoning rather than fuzzing. Patched the same day it was reported to the SQLite team. Zero user impact — the AI was faster than any attacker.
The Cases That Changed the Timeline
Microsoft Security Copilot — Azure misconfiguration patterns (Q1 2025): Microsoft's AI security tooling flagged a class of Azure RBAC misconfigurations that allowed privilege escalation across tenant boundaries under specific conditions. The finding affected a non-trivial percentage of enterprise Azure deployments. Microsoft quietly released guidance before the pattern became publicly known. The AI's value here wasn't novel vulnerability research — it was scale: pattern-matching across millions of configurations that no human team could audit manually.
Trail of Bits — AI-assisted audit of Ethereum client code (2024–2025): Security firm Trail of Bits used a custom LLM pipeline to audit the Go implementation of the Ethereum execution client. The tool flagged edge cases in the RLP encoding layer that manual auditors had reviewed and passed. Two of the flagged cases turned out to be valid findings — one potentially consensus-breaking under adversarial conditions. The AI didn't replace the human auditors; it extended their coverage into code paths too tedious to trace manually.
"The log of AI-found vulnerabilities will be the definitive argument for or against the technology. Right now, the argument is building."
What the Pattern Shows
Looking across the documented cases, a clear pattern emerges: AI is not replacing vulnerability researchers. It's extending their reach into three specific areas where human cognition hits limits. First: scale — AI can audit millions of configurations or thousands of code paths simultaneously. Second: persistence — AI doesn't get bored tracing deeply nested call chains. Third: cross-codebase correlation — AI can flag a pattern across multiple repositories that no single human reviewer would have reason to connect.
The cases that haven't appeared yet — and will — are the ones where AI autonomously chains multiple findings into a working exploit. We're not there in the public record. But the trajectory from "AI finds the bug" to "AI constructs the proof of concept" is measurable and shortening. The organizations that invest in defensive AI tooling in 2025 are building a lead that compounds. Those that wait are betting the gap stays comfortable long enough for them to catch up.