Google’s AI-powered bug hunting tool finds a host of troubling open source security flaws


  • Google’s OSS-Fuzz finds more than twenty vulnerabilities in various open source projects
  • Among them is a vulnerability in OpenSSL that could result in RCE
  • Google considers this an important milestone in automated bug discovery

Google found 26 vulnerabilities in various open source code repositories, including a moderate flaw in “the critical OpenSSL library that underpins much of the Internet infrastructure.”

This wouldn’t really be news (Google has helped find thousands of bugs over the years) if the method by which the bugs were discovered wasn’t “artificial,” as the bugs were revealed using AI-powered fuzzing technology. tool. OSS Fuzz.