Trust in AI Vulnerability Scanning Collapses as Patches Lag for LLMs, Chrome, GitLab
A new Cobalt study reveals trust in fully automated AI vulnerability scanning has plummeted from 29% to 9% in one year, as 78% of organizations report missed critical flaws. Chrome patches four critical bugs, GitLab fixes 13 vulnerabilities, and a Lantronix OT flaw is exploited in the wild.
Trust in fully automated AI vulnerability scanning has collapsed: the share of organizations relying solely on it dropped from 29% to 9% in a year, according to the Cobalt State of Pentesting Report 2026. The study, based on surveys of around 450 cybersecurity professionals, found that 78% of respondents said fully automated tools had missed critical vulnerabilities.
Nearly half (47%) of organizations now prefer a hybrid testing model combining AI with human expertise, a 22 percentage point surge from 2025. The shift comes as the complexity of AI attack surfaces grows: nearly one in three findings from an AI pentest is rated high risk, 2.7 times the rate of conventional software.
LLM Vulnerabilities Remain Unpatched at Alarming Rates
The report highlights that 62% of LLM vulnerabilities discovered during pentests remain open, the lowest resolution rate of any asset class. Mean time to resolve for AI security issues nearly doubled, from 19 days to 36 days. Shadow AI was the most common incident vector (44%), followed by data or model poisoning (41%) and improper output handling (41%).
“LLM vulnerabilities are deeply context-dependent and invisible to tools that lack architectural understanding,” said Andrew Obadiaru, CISO of Cobalt. “Automation should be deployed where it excels, but elite human expertise remains foundational for complex business logic risks.”
Chrome, GitLab, and macOS Patches Roll Out
Google Chrome patched 13 vulnerabilities in its latest update, including four critical-severity flaws. Two of them, in WebGL, could allow attackers to escape the browser's sandbox; chained with a renderer bug, a sandbox escape gives code execution on the host, which is why such bugs rate as critical. Users should update immediately and relaunch the browser, since Chrome only applies a downloaded update on restart.
GitLab released updates addressing 13 vulnerabilities, three rated high severity. The fixes cover code execution and information disclosure flaws in both Community and Enterprise Editions. They ship in versions 17.3.2, 17.2.5, and 17.1.6; administrators running an older release in any of those three series should upgrade to the corresponding patched version for their series.
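A fleet check is easier than reading three version numbers by hand. The script below is an added example, not code from the article or from GitLab; it takes the version string a GitLab instance reports from its real GET /api/v4/version endpoint (which requires an authenticated token) and classifies it against the three fixed releases named above. It assumes that any series newer than 17.3 shipped after the fix and so counts as patched, and that older series such as 17.0 received no backport; the JSON response embedded in it is a constructed sample, not captured from a real instance.

```python
"""Classify a GitLab version string against the fixed releases named in the advisory.

Added example (not the article's or GitLab's own code). Assumptions:
  - FIXED_VERSIONS holds the three patched releases from the article.
  - A series newer than any listed one (e.g. 17.4.x) is treated as patched,
    on the assumption it was cut after the fix.
  - A series older than the listed ones (e.g. 17.0.x) got no backport and is
    reported as 'unsupported-series'.
"""
import json
import re
import urllib.request
from typing import Optional, Tuple

# Patched releases from the advisory, keyed by (major, minor) series.
FIXED_VERSIONS = {
    (17, 3): (17, 3, 2),
    (17, 2): (17, 2, 5),
    (17, 1): (17, 1, 6),
}

# GitLab reports versions like "17.3.1-ee"; we only need the numeric prefix.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Turn '17.3.1-ee' into (17, 3, 1); return None if the string is not a version."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def patch_status(version_text: str) -> str:
    """Return 'patched', 'vulnerable', 'unsupported-series' or 'unknown'."""
    v = parse_version(version_text)
    if v is None:
        return "unknown"
    series = v[:2]
    if series in FIXED_VERSIONS:
        # Same backport series: compare against that series' fixed release.
        return "patched" if v >= FIXED_VERSIONS[series] else "vulnerable"
    if series > max(FIXED_VERSIONS):
        # Assumption: a newer series was released after the fix landed.
        return "patched"
    # Older series with no backport listed in the advisory.
    return "unsupported-series"


def status_from_api_response(body: str) -> str:
    """Classify the raw JSON body returned by GET /api/v4/version."""
    try:
        data = json.loads(body)
    except json.JSONDecodeError:
        return "unknown"
    return patch_status(str(data.get("version", "")))


def fetch_status(base_url: str, token: str) -> str:
    """Query a live instance. base_url like 'https://gitlab.example.com' (hypothetical)."""
    req = urllib.request.Request(
        base_url.rstrip("/") + "/api/v4/version",
        headers={"PRIVATE-TOKEN": token},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return status_from_api_response(resp.read().decode("utf-8"))


# Constructed sample response in the shape of GET /api/v4/version (not real data).
SAMPLE_RESPONSE = '{"version":"17.3.1-ee","revision":"0123abcd"}'

if __name__ == "__main__":
    print(status_from_api_response(SAMPLE_RESPONSE))  # vulnerable
```

Run it against each instance's version endpoint and treat anything other than "patched" as work to schedule; an "unsupported-series" result means an upgrade to a maintained series, not a point release, is needed.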
A macOS vulnerability disclosed by XM Cyber allows standard users to disable endpoint detection and response (EDR) and mobile device management (MDM) tools. The flaw, which does not require root access, could let attackers bypass enterprise security controls. Apple has not yet released a patch.
On the operational technology front, a Lantronix serial-to-IP converter flaw (CVE-2025-67038) is being actively exploited after being disclosed in April 2026 as part of the BRIDGE:BREAK research project. The vulnerability affects devices used in industrial environments and could allow remote code execution; because these converters bridge legacy serial equipment onto IP networks, they are often reachable from far more of the network than their role requires and are rarely inventoried, so affected organizations should locate them before assuming they are unaffected.
What Comes Next for Automated Testing
The Cobalt data underscores a broader industry reckoning with AI's limitations in security testing. While 60% of security professionals said they need stronger LLM testing capabilities, only 42% plan to increase human-led red team operations. The gap suggests many organizations are still calibrating their investment in human expertise versus automation.
For Chrome and GitLab users, the message is clear: patch now. For macOS and OT administrators, the window for proactive defense is narrowing as exploit details become public. The Lantronix flaw being weaponized in the wild is a reminder that unpatched edge devices remain a prime target for attackers.
Fact check
- Trust in fully automated AI vulnerability scanning dropped from 29% to 9% of organizations between 2025 and 2026. (verified · source)
- 78% of respondents said fully automated scanning tools missed critical vulnerabilities. (verified · source)
- Google Chrome patched four critical-severity vulnerabilities, including two WebGL bugs that could allow sandbox escape. (verified · source)
- GitLab released updates fixing 13 vulnerabilities, three of which are high severity. (verified · source)
- A Lantronix serial-to-IP converter flaw (CVE-2025-67038) is being actively exploited after disclosure in April 2026. (verified · source)
Source reporting (5)
- Infosecurity Magazine · Trust in Automated AI Vulnerability Scanning Collapses to 9%, New Study Finds
- SecurityWeek · GitLab Patches Code Execution, Information Disclosure Vulnerabilities
- Malwarebytes Labs · Update Chrome to patch critical browser security flaws
- Infosecurity Magazine · macOS Flaw Lets Standard Users Disable EDR and MDM
- SecurityWeek · Lantronix Serial-to-IP Converter Flaw Exploited in Attacks After OT Threat Warning