Google's CodeMender AI Automatically Patches Vulnerabilities in Code

First reported

07.10.2025 18:18

Last updated

1 unique sources, 1 articles

Summary

Hide ▲

Google's DeepMind division has released CodeMender, an AI-powered agent that automatically detects, patches, and rewrites vulnerable code to prevent future exploits. CodeMender is designed to be both reactive and proactive, fixing new vulnerabilities as soon as they are spotted and rewriting existing codebases to eliminate classes of vulnerabilities. The AI agent leverages Google's Gemini Deep Think models and a large language model (LLM)-based critique tool to debug, flag, and fix security vulnerabilities. Over the past six months, CodeMender has upstreamed 72 security fixes to open-source projects, including some with up to 4.5 million lines of code. Google also introduced an AI Vulnerability Reward Program (AI VRP) to incentivize reporting AI-related issues in its products, with rewards up to $30,000.

Timeline

07.10.2025 18:18 1 articles · 4h ago

Google Releases CodeMender AI for Automatic Vulnerability Patching
Google's DeepMind division announced CodeMender, an AI-powered agent that automatically detects, patches, and rewrites vulnerable code. Over the past six months, CodeMender has upstreamed 72 security fixes to open-source projects. Google also introduced the AI Vulnerability Reward Program (AI VRP) to incentivize reporting AI-related issues in its products, with rewards up to $30,000. The Secure AI Framework (SAIF) has been updated to address new agentic security risks.
Show sources

Google's New AI Doesn't Just Find Vulnerabilities — It Rewrites Code to Patch Them — thehackernews.com — 07.10.2025 18:18
Open in new tab

Information Snippets

CodeMender is designed to automatically detect, patch, and rewrite vulnerable code.
First reported: 07.10.2025 18:18

1 source, 1 article
Show sources
- Google's New AI Doesn't Just Find Vulnerabilities — It Rewrites Code to Patch Them — thehackernews.com — 07.10.2025 18:18
The AI agent leverages Google's Gemini Deep Think models and an LLM-based critique tool.
First reported: 07.10.2025 18:18

1 source, 1 article
Show sources
- Google's New AI Doesn't Just Find Vulnerabilities — It Rewrites Code to Patch Them — thehackernews.com — 07.10.2025 18:18
CodeMender has upstreamed 72 security fixes to open-source projects in the past six months.
First reported: 07.10.2025 18:18

1 source, 1 article
Show sources
- Google's New AI Doesn't Just Find Vulnerabilities — It Rewrites Code to Patch Them — thehackernews.com — 07.10.2025 18:18
Google introduced an AI Vulnerability Reward Program (AI VRP) with rewards up to $30,000.
First reported: 07.10.2025 18:18

1 source, 1 article
Show sources
- Google's New AI Doesn't Just Find Vulnerabilities — It Rewrites Code to Patch Them — thehackernews.com — 07.10.2025 18:18
The AI VRP focuses on issues like prompt injections, jailbreaks, and misalignment.
First reported: 07.10.2025 18:18

1 source, 1 article
Show sources
- Google's New AI Doesn't Just Find Vulnerabilities — It Rewrites Code to Patch Them — thehackernews.com — 07.10.2025 18:18
Google's Secure AI Framework (SAIF) has been updated to address agentic security risks.
First reported: 07.10.2025 18:18

1 source, 1 article
Show sources
- Google's New AI Doesn't Just Find Vulnerabilities — It Rewrites Code to Patch Them — thehackernews.com — 07.10.2025 18:18

Summary

Timeline

Google Releases CodeMender AI for Automatic Vulnerability Patching

Information Snippets