x

Please Sign-In to Access this Report

To access other reports on the platform please sign in with your username and password, or register for a free account to get unlimited access and insight customized for you.

2025 GenAI Code Security Report

October 2025 Update

Generative AI is reshaping software development, yet its impact on code security remains largely overlooked. This report assesses over 100 large language models (LLMs) across four major programming languages—Java, JavaScript, Python, and C#—to determine how often AI-generated code is secure by default. Findings reveal that only 55% of generated code avoids common vulnerabilities, with no significant improvements tied to model size or recency.

Report Snap Shot

Through rigorous testing against four critical CWE categories—SQL Injection, Cross-Site Scripting, Log Injection, and Weak Cryptographic Algorithms—the research highlights systemic gaps in AI coding tools. While LLMs excel at producing functional, syntactically correct code, they frequently miss security best practices unless explicitly guided. This report provides valuable insights for organizations adopting AI-driven development, underlining the need for proactive security measures and developer oversight.