Vibe coding’s security blind spots raise concerns as developers report hidden vulnerabilities
Developers using AI to build apps report SQL injection flaws, exposed databases, and accidental production deletions, highlighting the gap between speed and security in ‘vibe coding’ workflows.
- A project manager’s AI-built website contained a hidden SQL injection risk that went unnoticed for months after launch.
- Security researchers found thousands of AI-generated apps publicly exposing sensitive data, including medical and financial records.
- Experts warn that AI-assisted coding tools lack built-in security reviews, leaving casual developers vulnerable to breaches.
Bob Starr, a project manager, built a website called “Boomberg” using an AI coding tool and launched it immediately after creation. Months later, he discovered a hidden SQL injection vulnerability that could have allowed attackers to access or alter data. Starr described the oversight as a “glaring blind spot” in his understanding of the new technology, emphasizing that others may be making similar mistakes as they adopt AI-assisted coding. He later fixed the issue.
Across social media, developers have shared similar experiences. Jer Crane, founder of PocketOS, reported that an AI coding agent accidentally wiped out his company’s production database. Joe Procopio, a serial entrepreneur, vibe-coded a web app to privately demo other projects but took it offline after hackers breached it, later reverting to traditional methods for demos.
Security experts highlight a broader pattern of vulnerabilities in AI-generated apps. Gabriel Bernadett-Shapiro, a distinguished AI research scientist at SentinelOne, noted that the risk escalates when personal apps transition into business use, particularly those handling customer logs, medical data, financial records, or internal documents. He stressed that such apps require stricter security standards, regardless of how quickly they were built.
Jack Cable, CEO and cofounder of Corridor, echoed this concern, stating that vibe coding is suitable for low-risk prototypes but inadequate for handling sensitive or publicly exposed data. He advised developers to consider threat models and err on the side of caution when security is uncertain.
Max Segall, COO of crypto wallet firm Privy, shared a near-miss where a colleague identified a critical flaw in EzRun, an AI-built app designed to reward his child with Ethereum for running. The flaw could have allowed attackers to modify user accounts. Segall emphasized the importance of proactive security reviews in AI-assisted development.
High-profile cases further illustrate the risks. In January, Matt Schlicht launched Moltbook, a social network built entirely for AI agents without any manually written code. Within days, security firm Wiz discovered the app’s production database was entirely exposed, leaking tens of thousands of email addresses and private messages. Moltbook patched the vulnerability after being notified.
Researchers at cybersecurity firm Red Access reported finding roughly 5,000 publicly accessible apps built with popular vibe-coding tools that lacked authentication, with nearly 2,000 leaking sensitive data such as medical and financial information, strategy documents, and chatbot conversation logs.
Experts note that while professionally developed software often has security flaws, the proliferation of AI-assisted coding exponentially increases the volume of apps—and thus the potential attack surface. They warn that AI tools may provide a false sense of security, as developers might assume the AI-generated code is safe without additional scrutiny. Security tools like Claude Code’s /security-review command or OpenAI’s Codex Security agent require manual setup and are often not used by casual developers.
Jun 22, 2026 · The Verge — AI