AI Models Struggle to Fix Real-World CVEs – Benchmark Results Updated

Researchers released CVE‑Bench, a benchmark of 20 real CVEs from 18 Python projects such as Pillow, GitPython, yt‑dlp and urllib3, to evaluate AI code‑repair models.

Five frontier models – three from OpenAI (GPT‑5.5, GPT‑4.5, GPT‑4) and two from Poolside (Laguna and another) – were tested under three prompt conditions: full advisory, diagnose (behavioral description only) and locate (file+function location only). The corrected evaluation shows GPT‑5.5 achieves a 50 % overall solve rate, rising to 60 % when a full advisory is provided, while other models lag behind. Cross‑family pairwise comparisons now reach statistical significance (p ≤ 0.040) after fixing five faulty tests, but within‑family comparisons remain non‑significant. Token costs vary up to four times for equivalent fixes, and failure modes such as wrong‑search drift, budget exhaustion and partial fixes are consistently observed. The benchmark also highlights that locate prompts, which give only a location, are the most challenging, mirroring real security researcher workflows. Researchers emphasize that while no model reliably fixes all vulnerabilities, the data can guide future improvements in AI‑assisted security tooling.