Recent advancements in generative AI, particularly models like GPT-4 and Claude Sonnet 3.7, have significantly accelerated the creation of proof-of-concept (PoC) exploit code from vulnerability disclosures. Matthew Keely of ProDefense demonstrated this by developing a working exploit for a critical vulnerability in the Erlang SSH library (CVE-2025-32433) in just an afternoon. The AI analyzed the code differences in a published patch to identify exploitable vulnerabilities, underscoring how quickly defenders must respond to such automated attack capabilities.
Turns out - yeah, it kinda can, GPT-4 not only understood the CVE description... found the vuln, and even wrote a PoC.
The time from vulnerability disclosure to proof-of-concept exploit code can now be as short as a few hours, thanks to generative AI models.