GitHub Security Advisory (GHSA) volume increased 449% year-over-year.

Mozilla CNA Q1 CVE disclosures spiked 164% due to AI-assisted tooling against the Firefox engine.

Open source component counts increased by 30% year-over-year.

68% of audited codebases contain license conflicts, a 12 percentage-point increase from 56% the previous year.

76% of organizations check AI-generated code for security risks.

98% of codebases contain open source components.

56% of organizations assess quality issues in AI-generated code.

The number of files per codebase grew by 74% year-over-year.

24% of organizations perform comprehensive IP, license, security, and quality evaluations for AI-generated code.

54% of organizations evaluate AI-generated code for IP and license risks.

Mean vulnerabilities per codebase increased by 107% year-over-year.