VendorsVeracode
Veracode
Cybersecurity reports and statistics published by Veracode
8 categories5 reports
Research Reports
Reports and publications from Veracode
Recent Statistics & Reports
82% of organizations now harbor security debt, an 11% increase from the prior year.
5/27/2026•
Security DebtVulnerabilities
Third-party libraries and open-source dependencies account for 66% of the most dangerous, longest-lived vulnerabilities.
5/27/2026•
Open Source RiskThird-Party RiskVulnerabilities
11.3% of software flaws pose real-world danger.
5/27/2026•
VulnerabilitiesRisk Prioritization
Critical security debt, defined as risky vulnerabilities older than a year, increased 20% year-over-year.
5/27/2026•
Security DebtVulnerabilitiesRisk Management
60% of organizations with security debt have security debt defined as "critical," representing vulnerabilities severe enough to cause catastrophic damage if exploited.
5/27/2026•
Security DebtCritical VulnerabilitiesRisk Management
High-risk vulnerabilities (flaws that are both severe and highly exploitable) increased 36% year-over-year.
5/27/2026•
High-Risk VulnerabilitiesExploitabilityRisk Management
Google Gemini 2.5 Pro achieved a 59% pass rate on security tests.
11/22/2025•
Gen AIGen AI codeGoogle Gemini
OpenAI’s standard GPT-5 achieved a 70% pass rate on security tests.
11/22/2025•
Gen AIGen AI codeOpenAI
Anthropic’s Claude Sonnet 4.5 achieved a 50% pass rate on security tests.
11/22/2025•
Gen AIGen AI codeAnthropic
Over 85% of tasks related to Cryptographic Algorithms passed across the industry.
11/22/2025•
Gen AIGen AI code
OpenAI’s non-reasoning GPT-5-chat model delivered a 52% pass rate on security tests.
11/22/2025•
Gen AIGen AI codeOpenAI
The pass rates for Cross-Site Scripting (XSS) vulnerabilities remained below 14% across all evaluated models.
11/22/2025•
Gen AIGen AI codeXSS vulnerabilities
xAI Grok 4 achieved a 55% pass rate on security tests.
11/22/2025•
Gen AIGen AI codexAI Grok 4
Qwen3 Coder achieved a 50% pass rate on security tests.
11/22/2025•
Gen AIGen AI codeQwen3 Coder
The pass rates for Log Injection vulnerabilities were near 12% across all evaluated models.
11/22/2025•
Gen AIGen AI codeLog Injection vulnerabilities
OpenAI’s GPT-5 Mini achieved a 72% pass rate on security tests, marking the highest recorded to date.
11/22/2025•
Gen AIGen AI codeOpenAI
Top-performing BFSI enterprises remediate over 9% of open flaws monthly, while lagging organizations have security debt in 85% or more of their applications.
11/1/2025•
Open-source VulnerabilitiesVulnerabilitiesremediation
63% of banking, financial services, and insurance organizations reported harboring critical security debt in 2025, which is 13 percentage points higher than the cross-industry average.
11/1/2025•
Open-source VulnerabilitiesVulnerabilitiessecurity debt
77% of financial services organizations reported accruing some level of security debt.
11/1/2025•
Open-source VulnerabilitiesVulnerabilitiessecurity debt
Open-source flaws account for over 82% of critical security debt at financial firms, despite third-party code representing only 17% of total security debt.
11/1/2025•
Open-source VulnerabilitiesVulnerabilitiesremediation
Showing 1-20 of 36 results