HackerOne, a global leader in Continuous Threat Exposure Management (CTEM), today announced h1 Validation, a new offering designed to help enterprises manage the surge and complexity of vulnerabilities uncovered by frontier AI models. As systems like Claude Mythos and OpenAI’s GPT-5.4-Cyber accelerate vulnerability discovery speed and scale, the gap between discovery and remediation is widening, while adversaries move faster to exploit them.
New data from the HackerOne platform shows how quickly the challenge is escalating. Vulnerability submissions grew 76% year over year, reaching a record high in March 2026. About 25% of findings were confirmed exploitable, a rate that has held steady despite the surge in submissions, meaning the absolute number of real vulnerabilities continues to grow. The share of critical and high-severity vulnerabilities rose to 32%, up from a historical baseline of 26 to 28%. At the same time, the window between disclosure and exploitation is shrinking to hours, while remediation is not keeping pace, improving just 19% year over year and driving vulnerability backlogs to an all-time high.
“AI is accelerating both the volume and the sophistication of vulnerabilities,” said Nidhi Aggarwal, Chief Product Officer at HackerOne. “AI is increasingly exploiting complex attack paths and multi-step chains, and the time to exploit them is shrinking. h1 Validation helps organizations keep up by combining agentic AI and human expertise to quickly determine what is actually exploitable, deliver clear remediation steps, and reduce the time from find to fix.”
h1 Validation is designed for this new reality. It handles high volumes of vulnerabilities and increasingly complex attack paths at scale. By rapidly validating exploitability and prioritizing real risk, the offering helps security and engineering teams respond faster to vulnerabilities that can be exploited by adversaries.
As AI accelerates both vulnerability discovery and adversarial capabilities, organizations must move beyond discovery alone toward continuous validation and remediation. h1 Validation closes that gap by speeding the continuous loop from discovery to validation to fix, turning growing volume into fast, measurable risk reduction.
Learn more about h1 Validation and how to manage AI-driven vulnerability risk.
About HackerOne:
HackerOne is a global leader in Continuous Threat Exposure Management (CTEM). The HackerOne Platform unites agentic AI solutions with the ingenuity of the world’s largest community of security researchers to continuously discover, validate, prioritize, and remediate exposures across code, cloud, and AI systems. Through solutions like bug bounty, vulnerability disclosure, agentic pentesting, AI red teaming, and code security, HackerOne delivers measurable, continuous reduction of cyber risk for enterprises. Industry leaders, including Anthropic, Crypto.com, General Motors, Goldman Sachs, Lufthansa, Uber, UK Ministry of Defence, and the U.S. Department of Defense, trust HackerOne to safeguard their digital ecosystems. HackerOne was recognized in Gartner’s Emerging Tech Impact Radar: AI Cybersecurity Ecosystem report for its leadership in AI Security Testing and has been named a Most Loved Workplace for Young Professionals (2024).
View source version on businesswire.com: https://www.businesswire.com/news/home/20260421791520/en/
Media gallery
