
AI is drowning software maintainers in junk security reports

May 23, 2026  Twila Rosenbaum

The Scope of the Problem

In recent months, the cybersecurity landscape has witnessed an unprecedented surge in vulnerability reports generated with the help of artificial intelligence. While AI tools like large language models and automated fuzzers have lowered the barrier to entry for security research, they have simultaneously unleashed a firehose of junk reports that are drowning software maintainers. Instead of focusing on fixing real, high-impact vulnerabilities, maintainers are spending hours sifting through noise—duplicate findings, theoretical attack scenarios lacking proof of concept, and submissions with no demonstrated security impact.

Linus Torvalds, the creator and long-time maintainer of the Linux kernel, has been vocal about the impact. In a note accompanying the latest kernel release candidate, he described the project's security mailing list as "almost entirely unmanageable, with enormous duplication due to different people finding the same things with the same tools." Torvalds urged contributors to add real value by reading documentation, creating patches, and understanding the code instead of being "drive-by" reporters who send random reports with no real understanding.

The problem is not limited to the Linux kernel. Jarom Brown, Senior Product Security Engineer at GitHub, acknowledged that while the democratization of security research is welcome, his team is inundated with submissions that fail standard validation criteria. These include reports without proof of concept, theoretical scenarios that collapse under scrutiny, and findings that fall under GitHub's published ineligible list—a list outlining vulnerability types that are out of scope for their bug bounty program.

Industry Reactions

GitHub is not alone. Brown noted that "programs across the industry are grappling with the same challenge, and some have shut down entirely." To avoid such drastic measures, GitHub has implemented new requirements: submitters must now validate AI-assisted findings before sending them in. A complete submission must include a working proof of concept demonstrating exploitation potential and concrete security impact. Reports covering known ineligible categories will be closed as Not Applicable, which may affect the submitter's reputation scoring on platforms like HackerOne. Additionally, Brown urged researchers to be concise, as bloated, AI-padded reports slow down triage and waste everyone's time.

These changes come after months of mounting frustration. Bug bounty platforms, including HackerOne and Bugcrowd, have attempted to combat the onslaught of AI-generated spam with their own AI-based triage tools and enhanced submission guidelines. However, the effectiveness of these measures remains limited, especially for smaller projects and volunteer-run open source communities.

Impact on Researchers

The collateral damage extends beyond maintainers. Shubham Shah, co-founder of Assetnote and a respected security researcher, says organizations are now taking far longer to review legitimate reports and act on real flaws. This delay is killing the feedback loop that keeps top researchers engaged—the prompt acknowledgment and resolution that make bug hunting worthwhile. Shah noted that while platforms are trying to fight spam with AI and added controls, "the joy of reporting vulnerabilities to bug bounties is quickly dissipating." He added that he and other experienced researchers may retreat to private vulnerability research and invite-only bounties if the situation does not improve.

This shift has serious implications. The best researchers, who produce high-quality, original findings, are becoming disillusioned. They see their laborious work lumped together with thousands of low-effort AI submissions, slowing down the entire process. In the near term, this could lead to a concentration of talent in private programs, reducing the overall security posture of widely used public software.

Open Source at Risk

The AI-powered industrialization of vulnerability discovery hits open source projects the hardest. Unlike large corporations like Microsoft or Google, which have dedicated security teams and automated pipelines, open source projects rely on volunteer maintainers. Their time and attention are finite. When maintainers must triage dozens of junk reports daily, they have less time to review patches, fix real bugs, or communicate with the community.

A stark example is the curl project, a widely used command-line tool for transferring data. Lead developer Daniel Stenberg decided to stop accepting submissions via HackerOne and eliminate monetary rewards for security reports altogether. The hope was that removing the financial incentive would reduce the flood of AI slop. The project initially switched to accepting reports via GitHub and email, but quickly reverted to HackerOne when those alternatives proved less effective. However, the decision to remove bounties remained.

The result was instructive. Stenberg noted in April that the nature of submissions changed dramatically. The slop situation disappeared. The number of reports rose, but their quality was higher—even when compiled with AI assistance. The rate of confirmed vulnerabilities surpassed the 2024 pre-AI level. Yet Stenberg pointed out a new challenge: the increased influx of "good" vulnerability reports will still overwhelm maintainers. "This avalanche is going to make maintainer overload even worse. Some projects will have a hard time handling this kind of backlog expansion without any added maintainers to help," he said.

Platform Responses

HackerOne, responding to curl's departure and return, acknowledged the problem. Michiel Prins, Co-founder and Senior Director of Product Management at HackerOne, told Help Net Security that "as AI makes it easier to automate submissions, preserving signal quality becomes critical so open source maintainers can stay focused on fixing real issues." HackerOne's recommended approach includes refining scope and submission guidelines, using AI-assisted triage tools, and pairing automation with human oversight to filter noise early and surface credible reports.

Similarly, Bugcrowd has invested in machine learning models to detect spam-like patterns in submissions. These tools analyze language, consistency, and historical behavior to flag potential junk reports before they reach human triagers. While promising, these solutions are still maturing and require careful tuning to avoid false positives that might block legitimate reports from novice researchers.

Looking Ahead

The Open Source Security Foundation's Vulnerability Disclosures Working Group is actively seeking community feedback as it works to help open source maintainers tackle AI-generated junk reports. Their goals include compiling best practices, creating policy templates, and developing guidance to help maintainers spot and handle AI-assisted submissions. This collaborative effort aims to create a sustainable ecosystem where low-quality reports are filtered out efficiently, allowing high-quality research to shine.

For now, the burden remains on both sides. Researchers must take responsibility for validating their findings, providing clear proof of concepts, and being concise. Platforms must refine their triage engines and incentivize quality over quantity. And maintainers must continue to adapt—perhaps by adopting stricter submission guidelines, using reputation systems, or turning to private bug bounty programs.

As AI capabilities continue to accelerate, the tension between increased discovery speed and maintainer bandwidth will only grow. The open source community, which powers much of the modern internet, must find a way to harness AI's potential without being buried by its byproducts. The next few months will be critical in determining whether that balance can be achieved—or whether the noise will drown out the signal entirely.


Source: Help Net Security News

