Risk rising fast

AI vulnerabilities hit record high as security gaps widen

The rapid proliferation of artificial intelligence is delivering not just efficiency gains but also a fast-growing set of security challenges. A recent analysis by TrendAI reveals that vulnerabilities in the AI ecosystem are expanding significantly faster than in the broader software landscape, and many organizations are struggling to keep pace.

Since 2018, more than 6,000 vulnerabilities directly affecting AI systems have been identified. In 2025 alone, over 2,100 new flaws were added, a rate of growth that far outpaces the increase in overall known software vulnerabilities.

Particularly striking is the fact that AI-related vulnerabilities now account for an ever-larger share of all reported security issues. This trend suggests that attackers are deliberately targeting emerging technologies.

High-risk flaws across core AI infrastructure

It is not just the volume that is concerning. The severity is equally alarming. Nearly half of all identified vulnerabilities are rated high or critical. The most affected areas include key components of modern AI infrastructure: large language model ecosystems, AI supply chains, agentic AI applications, and interface layers such as MCP servers.

These newer segments often lack mature security frameworks. While established technologies such as traditional machine learning libraries and hardware solutions remain comparatively stable, the emerging categories are generating a disproportionate number of critical risks.

Autonomous systems create new attack surfaces

Two developments stand out in particular: the growing adoption of MCP servers and the rapid expansion of agentic AI.

MCP servers allow AI systems to interact independently with external services, opening up entirely new attack vectors. Within a single year, numerous vulnerabilities were discovered in this category, many related to injection attacks.

The situation is even more dynamic for agentic AI systems. These applications, which make autonomous decisions and execute actions on their own, have seen a massive surge in security flaws. The combination of autonomy and insufficient safeguards makes them particularly susceptible to exploitation.

Outlook: expect further escalation

Experts predict the trend will continue. A further sharp increase in reported vulnerabilities is expected for 2026, with MCP servers and agentic AI again likely to be the most dynamic areas.

Richard Werner of TrendAI warns: “AI is no longer a new attack surface. It has become an established one.” Organizations must therefore integrate security considerations into their AI projects from the outset and treat them with the same rigor as other business-critical systems.

The findings make clear that technological innovation and security maturity are currently diverging. As companies adopt AI at an accelerating pace, their defenses often lag behind. To mitigate risk, organizations will need to establish transparency, enforce security standards consistently, and incorporate the entire AI supply chain into their risk management. Only then can the potential of the technology be realized without creating new vulnerabilities.

(pd/Trend Micro)
