On the morning of May 12, 2026, a security analyst at a mid-size financial firm noticed something unsettling: a vulnerability in a widely used file-transfer tool had been publicly disclosed just seven hours earlier, and scanners were already picking up exploitation attempts against the company’s perimeter. The patch existed. It had not yet been tested, approved, or deployed. That gap, measured in hours rather than weeks, is now the norm for the most dangerous software flaws in circulation.
Data maintained by the Cybersecurity and Infrastructure Security Agency paints a stark picture of how little time defenders have. According to CISA’s analysis underpinning Binding Operational Directive 22-01, 42 percent of the vulnerabilities in its Known Exploited Vulnerabilities (KEV) Catalog were weaponized on the same day they were disclosed. Half were exploited within two days. Three-quarters were hit within 28 days. Those numbers describe confirmed, real-world attacks, not theoretical risk scores.
Now, multiple cybersecurity firms argue that artificial intelligence is compressing that window even further. CrowdStrike’s 2025 Global Threat Report warned that generative AI was enabling adversaries to develop exploits and craft convincing social-engineering lures at unprecedented speed. Palo Alto Networks’ Unit 42 incident-response team has described cases in which proof-of-concept exploit code appeared in underground forums within hours of a patch release, a pace researchers said was consistent with AI-assisted reverse engineering of vendor patches. Google’s Mandiant division flagged a similar trend, noting that both nation-state and financially motivated groups were experimenting with large language models to accelerate vulnerability research. Collectively, these firms have begun calling the current period “the year of AI-assisted attacks.”
What the federal data actually shows
The hardest numbers available come from CISA, not from vendor marketing. The KEV Catalog is a continuously updated, machine-readable list of CVEs that the agency has confirmed as actively exploited in the wild. Each entry carries a specific CVE identifier and the date CISA added it, giving security teams a concrete, government-validated reference for triage. BOD 22-01, issued in November 2021, requires every federal civilian agency to remediate cataloged vulnerabilities within prescribed deadlines. The exploitation-speed statistics that accompany the directive were drawn from observed incidents, not modeling.
Those figures matter well beyond Washington. Private-sector security teams, managed service providers, and critical-infrastructure operators across the country use the KEV Catalog as a prioritization tool. When nearly half of all tracked exploited flaws are hit on disclosure day, any organization still running monthly or biweekly patch cycles faces a structural timing problem. The directive’s deadlines were designed to force faster remediation, yet the data suggests attackers were already outpacing many defenders before generative AI tools became widely accessible in 2023 and 2024.
In practice, the date a vulnerability is disclosed, the date a patch ships, and the date exploit code surfaces in the wild now frequently land inside the same 24-hour window. For the most targeted bugs, defenders are not racing to stay ahead. They are trying to catch up from the moment a CVE is published.
Where the AI claims stand
Despite the alarm from major vendors, no public dataset currently links a specific CVE to a confirmed AI-generated exploit chain. The KEV Catalog does not track whether a given exploit was built with AI assistance. No government agency has published forensic logs measuring defender response times against verified AI-assisted intrusions. The evidence that AI is accelerating exploitation rests on vendor telemetry, incident-response case studies, and plausible technical reasoning rather than on independently auditable proof.
That distinction matters because the baseline was already extreme. If 42 percent of exploited vulnerabilities were weaponized on day zero before ChatGPT existed, isolating AI’s marginal contribution is genuinely difficult. Attackers have relied on automated scanning, pre-built exploit frameworks like Metasploit, and rapid patch-diffing techniques for years. AI may be shaving the remaining hours, but separating that effect from existing automation requires controlled measurement that has not appeared in any peer-reviewed or government-validated publication as of June 2026.
Selection bias in the KEV Catalog also complicates interpretation. The catalog tracks vulnerabilities confirmed as exploited, not all disclosed vulnerabilities. The 42 percent figure describes the subset of flaws that attackers chose to target, which likely skews toward high-value or easily exploitable bugs. Applying that statistic to the full universe of more than 200,000 CVEs in the National Vulnerability Database would significantly overstate the risk. The open question is whether AI is expanding the pool of flaws that can be weaponized quickly or simply speeding up exploitation of the same high-priority targets that skilled attackers would have reached anyway.
Attribution adds another layer of difficulty. When exploit code surfaces unusually fast or resembles machine-generated output, defenders may suspect AI involvement, but those impressions rarely constitute forensic proof. Attackers can also mimic AI-generated patterns deliberately to inflate their perceived sophistication or to confuse incident responders. Until the industry develops standardized indicators for AI-assisted toolchains, claims about AI’s direct role in specific breaches will remain hard to verify.
What defenders and vendors are doing now
The response from the other side of the table has been tangible, if uneven. Microsoft, which patches more than 100 CVEs in a typical Patch Tuesday cycle, has invested heavily in AI-driven threat detection through its Security Copilot platform, designed to help analysts triage alerts and correlate indicators of compromise faster than manual workflows allow. Google’s Project Zero continues to publish detailed disclosure timelines that pressure vendors to ship fixes before exploitation begins, and the company has integrated AI-based fuzzing into its own vulnerability-discovery pipeline to find bugs before adversaries do.
CISA itself has expanded the KEV Catalog’s role as a defensive tool. The catalog is free, updated in near-real time, and available in structured formats that feed directly into vulnerability-management platforms. For organizations that have not yet built their patching priorities around it, integrating the catalog is the single most concrete step available, regardless of whether the attacker on the other end is using a large language model or a five-year-old script.
Beyond patching, security teams are adopting more aggressive postures for any vulnerability that appears in the catalog. That means assuming exploit code is already circulating, that opportunistic scanning is underway, and that temporary countermeasures (network segmentation, tighter access controls on exposed services, expanded monitoring for known indicators of compromise) are justified immediately rather than after a formal risk review. Vulnerabilities not yet in the catalog still merit attention, but they can reasonably be ranked below confirmed exploited flaws when staffing and budgets are constrained.
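The two paragraphs above describe a workflow, integrate the machine-readable KEV Catalog into prioritization and treat anything that appears in it as an emergency with interim controls, but give no concrete form. The following is an added example, written for this article and not code from CISA or the article's author, of a small triage routine that does exactly that: it indexes a KEV-style JSON document by CVE ID, matches it against a scanner's findings, and ranks cataloged flaws first (ransomware-linked entries ahead, then by nearest remediation due date), while reporting hours elapsed since disclosure as the accumulated-risk figure. The JSON field names (cveID, dateAdded, dueDate, requiredAction, knownRansomwareCampaignUse) follow the public feed's schema as I know it; the CVE identifiers, products, dates, hostnames and the Finding record are constructed placeholders for illustration.

```python
"""Triage scanner findings against a CISA KEV-style feed (added example).

Assumption: the live catalog is fetched separately (CISA publishes it as JSON);
here a constructed stand-in document is embedded so the script runs offline.
"""
import json
from dataclasses import dataclass
from datetime import date, datetime, timezone

# Constructed sample feed. CVE IDs, vendor/product names and dates are placeholders.
SAMPLE_KEV_JSON = """
{
  "title": "Known Exploited Vulnerabilities (constructed sample)",
  "count": 2,
  "vulnerabilities": [
    {"cveID": "CVE-2026-00001", "vendorProject": "ExampleCorp", "product": "FileMover",
     "vulnerabilityName": "ExampleCorp FileMover unauthenticated upload (placeholder)",
     "dateAdded": "2026-05-12", "dueDate": "2026-06-02",
     "requiredAction": "Apply updates per vendor instructions.",
     "knownRansomwareCampaignUse": "Known"},
    {"cveID": "CVE-2026-00002", "vendorProject": "ExampleCorp", "product": "HRPortal",
     "vulnerabilityName": "ExampleCorp HRPortal privilege escalation (placeholder)",
     "dateAdded": "2026-05-25", "dueDate": "2026-06-15",
     "requiredAction": "Apply updates per vendor instructions.",
     "knownRansomwareCampaignUse": "Unknown"}
  ]
}
"""


@dataclass(frozen=True)
class Finding:
    """One scanner result: a CVE observed on an asset (hypothetical record shape)."""
    cve_id: str
    asset: str
    disclosed: date          # vendor advisory date, as recorded by the scanner
    internet_exposed: bool   # whether the vulnerable service faces the internet


def load_kev(feed_text: str) -> dict:
    """Index a KEV feed document by CVE ID and parse its date fields."""
    doc = json.loads(feed_text)
    return {
        e["cveID"]: {
            "date_added": date.fromisoformat(e["dateAdded"]),
            "due_date": date.fromisoformat(e["dueDate"]),
            "ransomware": e.get("knownRansomwareCampaignUse") == "Known",
            "required_action": e.get("requiredAction", ""),
        }
        for e in doc["vulnerabilities"]
    }


def triage(findings, kev: dict, now: datetime) -> list:
    """Rank findings: KEV entries are emergencies; everything else is standard."""
    rows = []
    for f in findings:
        disclosed_at = datetime(f.disclosed.year, f.disclosed.month, f.disclosed.day,
                                tzinfo=timezone.utc)
        hours_open = max(0.0, (now - disclosed_at).total_seconds() / 3600)
        hit = kev.get(f.cve_id)
        row = {"cve_id": f.cve_id, "asset": f.asset,
               "hours_since_disclosure": round(hours_open, 1),
               "priority": "standard", "days_to_due": None,
               "ransomware_use": False, "interim_controls": []}
        if hit:
            # Cataloged: assume exploit code is circulating and scanning is underway.
            controls = ["assume exploit code is already circulating",
                        "expand monitoring for known indicators of compromise"]
            if f.internet_exposed:
                controls += ["tighten access controls on the exposed service",
                             "segment the host from the rest of the network"]
            row.update(priority="emergency",
                       days_to_due=(hit["due_date"] - now.date()).days,
                       ransomware_use=hit["ransomware"],
                       interim_controls=controls)
        rows.append(row)

    def order(r):
        due = r["days_to_due"] if r["days_to_due"] is not None else 10**6
        # emergencies first, ransomware-linked first, nearest due date, longest open
        return (r["priority"] != "emergency", not r["ransomware_use"], due,
                -r["hours_since_disclosure"])

    return sorted(rows, key=order)


# Constructed findings and clock for the demonstration.
SAMPLE_FINDINGS = [
    Finding("CVE-2026-00003", "build-agent-03", date(2026, 4, 1), False),   # not in KEV
    Finding("CVE-2026-00002", "hr-app-07", date(2026, 5, 20), False),
    Finding("CVE-2026-00001", "dmz-xfer-01", date(2026, 5, 12), True),
]
NOW = datetime(2026, 6, 1, 9, 0, tzinfo=timezone.utc)
KEV_INDEX = load_kev(SAMPLE_KEV_JSON)


def run_triage() -> list:
    """Convenience entry point returning the ranked rows for the sample data."""
    return triage(SAMPLE_FINDINGS, KEV_INDEX, NOW)


if __name__ == "__main__":
    for r in run_triage():
        print(f'{r["priority"]:9} {r["cve_id"]} {r["asset"]:15} '
              f'{r["hours_since_disclosure"]:7.1f}h open  due in {r["days_to_due"]}d')
```

Run as-is and the internet-exposed, ransomware-linked FileMover finding lands at the top with a one-day BOD-style deadline and 489 hours of accumulated exposure, the HRPortal entry follows, and the uncataloged build-agent finding is ranked last despite being open far longer, which is the ordering the article argues for under constrained staffing. Swapping the embedded sample for the downloaded catalog and the hard-coded findings for a scanner export is the only change needed for real use.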
Why the practical math hasn’t changed
For organizations making resource decisions right now, the actionable takeaway does not hinge on resolving the AI debate. CISA’s data already proves that traditional patch timelines are too slow for the most targeted vulnerabilities. Whether AI compresses the exploitation window from 24 hours to four or from 48 hours to 12, the defensive playbook is the same: treat KEV Catalog entries as emergencies, automate patch deployment wherever possible, and view every hour after disclosure as accumulated risk.
AI may well be accelerating the collapse of the disclosure-to-exploitation window, and future research from CISA, academic institutions, or the vendor community may quantify that contribution with precision. But the federal data already in hand justifies urgency on its own terms. Forty-two percent of confirmed exploited vulnerabilities were weaponized before most organizations finished reading the advisory. That number predates the current generation of AI tools, and it has only moved in one direction.
*This article was researched with the help of AI, with human editors creating the final content.