"But vibe coding also opens businesses up to security risks, including the possibility of introducing vulnerabilities into the software being created. In fact, nearly half of all code generated by AI contains security flaws, despite appearing production ready, according to Veracode's 2025 GenAI Code Security report. Veracode tested 100 leading LLMs across 80 curated tasks and found they produced insecure code 45% of the time, with no real improvement across newer or larger models."
"Vibe coding simplifies app development, but it often bypasses essential security vetting and regulatory compliance checks, says Dr Jeff Schwartzentruber, senior machine learning scientist at eSentire. "Without rigorous preplanning, architectural oversight and experienced project management, vibe coding can introduce vulnerabilities, compliance gaps and substantial technical debt.""
"Vibe coding lowers the barrier to entry for creating software, but the autonomous nature of AI-generated suggestions introduces security risks, says Louise Fellows, VP, northern Europe at GitLab. " AI provides the 'vibe' or suggested patterns that developers might accept without critical evaluation or deep comprehension of their underlying security implications. This can result in vulnerabilities in the codebase."
Vibe coding uses a developer description of a project as input to a large language model to generate code, enabling software and app creation with limited training, lower costs, and faster development. The approach can create production-ready-looking code that often contains security flaws; a Veracode report found AI-generated code was insecure 45% of the time after testing 100 LLMs on 80 tasks, with no improvement across newer or larger models. Vibe coding can bypass security vetting, regulatory compliance, and architectural oversight, introducing vulnerabilities, compliance gaps, and substantial technical debt. Casual acceptance of AI suggestions increases the risk of latent vulnerabilities.
Read at IT Pro
Unable to calculate read time
Collection
[
|
...
]