A developer, or increasingly someone with no coding experience, opens an AI tool, enters a prompt, receives a working application within minutes, and deploys it. The application functions well and clients are satisfied. But it may also contain hardcoded API keys, no input validation, unauthenticated admin endpoints, and SQL injection flaws that even an unskilled attacker can exploit.
This represents the reality of vibe coding in 2026, with alarming statistics backing these concerns.
The Numbers Nobody Wants to See
Research reveals stark security gaps in AI-generated applications:
- 73% of vibe-coded applications have at least one OWASP Top 10 vulnerability at deployment — not in testing, but in live production environments
- 45% of AI-generated code samples introduce security vulnerabilities, according to Veracode’s analysis of over 100 large language models
- AI-generated code demonstrates 2.7x higher vulnerability density compared to human-written code, with severe vulnerabilities appearing 2.5x more frequently
- 86% of AI-generated samples failed to defend against cross-site scripting. 88% were vulnerable to log injection
“It Works” Is Not the Same as “It’s Safe”
The fundamental flaw in vibe coding methodology involves conflating functionality with security. When developers prompt AI agents to build applications, they optimize for one outcome: does it function? Does the page render? Does the form submit? Does the API return data?
Functional code and secure code represent entirely different criteria. An endpoint can return correct data while remaining vulnerable to SQL injection. A login page can authenticate users while storing passwords in plaintext. A file upload feature can work perfectly while allowing arbitrary code execution.
AI models are trained to produce functional code, not necessarily secure code. They’re trained on billions of lines of open-source code containing numerous poor security practices — hardcoded credentials, raw SQL strings, disabled CORS checks, missing input validation. The model doesn’t recognize these as dangerous patterns; it simply recognizes their frequent appearance in working code.
Real Incidents
Security vulnerabilities in vibe-coded applications have already caused documented harm.
The Lovable Disaster
A Replit employee scanned 1,645 applications created on Lovable, a popular vibe coding platform, and discovered that 170 of them — more than 10% — allowed unrestricted access to user data including names, emails, financial records, home addresses, and API keys. These were production applications, not test environments.
Hardcoded Secrets at Scale
GitGuardian’s 2026 State of Secrets Sprawl report documented 28.65 million new hardcoded secrets pushed to public GitHub repositories in 2025 — a 34% year-over-year increase and the largest single-year jump ever recorded. AWS access tokens, Stripe secret keys, and Azure service principals were baked directly into source code, with AI coding tools identified as the primary accelerant.
CVE Surge
Georgia Tech’s Vibe Security Radar tracked 35 new CVE entries in March 2026 directly attributable to AI-generated code, up from six in January. Researchers estimate the true count is five to ten times higher across the broader open-source ecosystem.
Slopsquatting Attacks
AI models hallucinate package names that don’t exist. Attackers have begun registering these fictitious names as real packages loaded with malicious code. A confirmed case involved a package called “unused-imports” executing post-install scripts designed to steal credentials and API keys.
Seven Security Gaps in Vibe-Coded Applications
1. Authentication That Doesn’t Authenticate
The most universal failure across studies is broken access control. AI generates login forms, session handling, and auth middleware that look correct but do not actually verify tokens or check permissions. Two patterns recur: middleware that validates a token but never checks what that user is allowed to do, and permission checks on the main routes while the admin panel is left completely open. Authentication (who is calling) and authorization (what they may do) are separate checks, and generated code routinely supplies one without the other.
If vibe coders aren’t manually verifying every route’s authentication requirements, they likely have unauthenticated endpoints in production.
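As an added example, not code from the original article: Express-style (req, res, next) middleware that keeps authentication and authorization separate, a route table shaped the way the text describes (login checked on the main route, nothing on the admin panel, login but no role check on the destructive route), an audit that lists the gaps mechanically, and a tiny dispatcher so the chain runs without Express. The session table, route paths and handlers are constructed for the example; a real app would verify a signed token or look the session up in a store.

```javascript
// Added example: authentication vs. authorization middleware plus a route audit.
// Constructed in-memory session table; real apps verify a signed token or hit a store.
const sessions = new Map([
  ["tok-alice", { user: "alice", role: "user" }],
  ["tok-root", { user: "root", role: "admin" }],
]);

function bearerToken(req) {
  const header = (req.headers && req.headers.authorization) || "";
  return header.startsWith("Bearer ") ? header.slice("Bearer ".length) : null;
}

// Authentication: establishes WHO is calling, or rejects with 401.
function requireAuth(req, res, next) {
  const session = sessions.get(bearerToken(req));
  if (!session) return res.status(401).json({ error: "unauthenticated" });
  req.user = session;
  next();
}

// Authorization: checks WHAT the caller may do, or rejects with 403.
// Must run after requireAuth; it only reads req.user.
function requireRole(role) {
  const mw = (req, res, next) => {
    if (!req.user || req.user.role !== role) {
      return res.status(403).json({ error: "forbidden" });
    }
    next();
  };
  mw.requiredRole = role; // lets the audit below see the check
  return mw;
}

const handlers = {
  profile: (req, res) => res.status(200).json({ user: req.user.user }),
  listUsers: (req, res) =>
    res.status(200).json({ users: [...sessions.values()].map((s) => s.user) }),
  deleteUser: (req, res) => res.status(200).json({ deleted: req.params.id }),
};

// Route table shaped like a generated app: the main route is protected, the
// admin panel is not, and the destructive route checks login but not role.
const routes = [
  { method: "GET", path: "/api/profile", chain: [requireAuth, handlers.profile] },
  { method: "GET", path: "/admin/users", chain: [handlers.listUsers] },
  { method: "DELETE", path: "/admin/users/:id", chain: [requireAuth, handlers.deleteUser] },
];

// The manual check made mechanical: every route needs requireAuth, and every
// /admin route needs a role check.
function auditRoutes(table) {
  const findings = [];
  for (const r of table) {
    if (!r.chain.includes(requireAuth)) findings.push(`${r.method} ${r.path}: no authentication`);
    if (r.path.startsWith("/admin") && !r.chain.some((mw) => mw.requiredRole)) {
      findings.push(`${r.method} ${r.path}: no role check`);
    }
  }
  return findings;
}

// Minimal dispatcher so a chain can be exercised without Express.
function dispatch(route, req) {
  const out = { status: 200, body: null };
  const res = {
    status(code) { out.status = code; return this; },
    json(body) { out.body = body; return this; },
  };
  let i = 0;
  const next = () => { const fn = route.chain[i++]; if (fn) fn(req, res, next); };
  next();
  return out;
}

// Hardened version of the destructive route: both checks, in order.
const hardenedDelete = {
  method: "DELETE",
  path: "/admin/users/:id",
  chain: [requireAuth, requireRole("admin"), handlers.deleteUser],
};

console.log(auditRoutes(routes));
// [ 'GET /admin/users: no authentication', 'GET /admin/users: no role check',
//   'DELETE /admin/users/:id: no role check' ]
console.log(dispatch(routes[1], { headers: {} }).status); // 200: anyone can list users
console.log(dispatch(hardenedDelete, { headers: { authorization: "Bearer tok-alice" }, params: { id: "7" } }).status); // 403
```

The audit is the useful part: it turns "manually verify every route" into a check that runs on every commit, and it catches the two failure modes the text names (no authentication at all, and authentication without authorization) separately.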
2. Raw SQL Everywhere
AI models frequently generate raw SQL strings concatenated with user input. While models can write parameterized queries, training data contains both patterns, and the model doesn’t consistently select the secure option.
Particularly problematic: vulnerable code often sits alongside secure code in the same file. Models write parameterized queries for one function and raw SQL strings for another. Developers skimming the output will notice the safe query and incorrectly assume everything is secure.
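As an added example, not code from the original article: the same user lookup written the way generated code often writes it (string concatenation) next to the parameterized form, plus the one case bind parameters cannot cover. No database is needed; each function returns what the driver would receive. The `$1` placeholder and the `{ text, values }` shape follow node-postgres (pg); the table, columns and inputs are constructed for the example.

```javascript
// Added example: one user lookup written the way generated code often writes it
// (string concatenation) and the parameterized form. No database is needed; each
// function returns what the driver would receive. The $1 placeholder and the
// { text, values } shape follow node-postgres (pg); other drivers differ only in
// placeholder syntax.

// Vulnerable: the input is spliced into the SQL text, so it can change the
// statement's structure. This is the pattern to grep for in generated code.
function findUserUnsafe(username) {
  return (
    "SELECT id, email FROM users WHERE username = '" + username + "' AND active = true"
  );
}

// Hardened: the SQL text is a constant; the value travels out-of-band as a bind
// parameter and is never parsed as SQL, whatever it contains.
function findUserSafe(username) {
  return {
    text: "SELECT id, email FROM users WHERE username = $1 AND active = true",
    values: [username],
  };
}

// Bind parameters cover values, not identifiers. When a column or direction is
// dynamic (sort order), generated code falls back to interpolation; the fix is
// an allowlist of identifiers, never the raw string.
const SORTABLE = new Set(["id", "email", "created_at"]);
function listUsersSorted(column, direction) {
  if (!SORTABLE.has(column)) throw new Error(`unsortable column: ${column}`);
  const dir = direction === "desc" ? "DESC" : "ASC";
  return { text: `SELECT id, email FROM users ORDER BY ${column} ${dir}`, values: [] };
}

// Two constructed inputs: an injection payload and an ordinary surname.
for (const input of ["admin' --", "O'Brien"]) {
  console.log(findUserUnsafe(input));
  console.log(JSON.stringify(findUserSafe(input)));
}
// SELECT id, email FROM users WHERE username = 'admin' --' AND active = true
//   the quote closes the literal and -- comments out the active check
// {"text":"SELECT id, email FROM users WHERE username = $1 AND active = true","values":["admin' --"]}
// SELECT id, email FROM users WHERE username = 'O'Brien' AND active = true
//   a legitimate user gets a syntax error instead of a result
// {"text":"SELECT id, email FROM users WHERE username = $1 AND active = true","values":["O'Brien"]}
```

The second input is the tell when skimming generated code: concatenated SQL does not only admit injection, it also breaks on legitimate data with quotes, so "it worked in testing" says little. Validating the input and then concatenating it is not the fix; the statement text must not depend on the value.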
3. Hardcoded Secrets
API keys, database passwords, and JWT secrets are regularly embedded directly in code because this pattern appears in tutorials, documentation, and Stack Overflow answers.
Vibe-coded applications typically lack .env files or secrets managers. Instead, Stripe secret keys appear on line 14 of server.js, ready for public GitHub repository commits.
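As an added example, not code from the original article: a small secret scanner run over a constructed server.js, and the environment loader that replaces the hardcoded constant. The three rules are illustrative rather than a complete ruleset (Snyk, GitGuardian or gitleaks carry hundreds), and the sample file's keys are dummies: AWS's documented example access key id and an obviously fake Stripe-shaped string.

```javascript
// Added example: a small secret scanner and an environment loader. The rules are
// illustrative, not a full secret-detection ruleset, and the server.js below is
// constructed for the example (keys are dummies).
const sampleServerJs = [
  'const express = require("express");',
  'const Stripe = require("stripe");',
  "",
  'const stripe = Stripe("sk_live_EXAMPLEEXAMPLEEXAMPLEEXAMPLE0000");',
  'const AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE";',
  'const JWT_SECRET = "change-me-in-prod";',
  "const dbPassword = process.env.DB_PASSWORD; // read from the environment: fine",
].join("\n");

const rules = [
  { id: "stripe-live-secret-key", re: /\bsk_live_[0-9A-Za-z]{24,}/ },
  { id: "aws-access-key-id", re: /\bAKIA[0-9A-Z]{16}\b/ },
  // Assignments of a quoted literal to anything named like a credential.
  { id: "generic-secret-assignment", re: /(password|secret|token|api[_-]?key)\s*[:=]\s*["'][^"']{8,}["']/i },
];

// Returns one finding per (line, rule). The excerpt is truncated so the scanner's
// own output does not become one more place the secret is written down.
function scanSource(source, filename) {
  const findings = [];
  source.split("\n").forEach((text, idx) => {
    for (const rule of rules) {
      const m = rule.re.exec(text);
      if (m) {
        findings.push({ file: filename, line: idx + 1, rule: rule.id, excerpt: m[0].slice(0, 8) + "..." });
      }
    }
  });
  return findings;
}

// The replacement for the hardcoded constant: fail fast at startup if the
// variable is missing, instead of running with an undefined key.
function requireEnv(name, env = process.env) {
  const value = env[name];
  if (!value) throw new Error(`missing required environment variable ${name}`);
  return value;
}

console.log(scanSource(sampleServerJs, "server.js"));
// [ { file: 'server.js', line: 4, rule: 'stripe-live-secret-key', excerpt: 'sk_live_...' },
//   { file: 'server.js', line: 5, rule: 'aws-access-key-id', excerpt: 'AKIAIOSF...' },
//   { file: 'server.js', line: 6, rule: 'generic-secret-assignment', excerpt: 'SECRET =...' } ]
```

Line 7 of the sample is what every flagged line should become: `process.env.NAME` read through something like `requireEnv`, with the value supplied by a .env file that is in .gitignore, or by a secrets manager. A key that was ever committed should be rotated, not just moved; the commit history still holds it.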
4. No Input Validation
Every user input represents a potential attack vector — form fields, URL parameters, file uploads, API request bodies, HTTP headers. All require validation before touching application logic.
Vibe-coded applications rarely validate input. AI generates code handling the happy path: well-formed emails, reasonable file sizes, valid JSON bodies. It doesn’t generate code for attack paths: form fields containing script tags, file uploads containing PHP shells, JSON bodies designed to crash parsers.
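As an added example, not code from the original article: allowlist validation for a signup body and for a file upload, covering the attack paths the text lists (script tags in a form field, a PHP shell in an upload, a body that is not the expected object). Field names, limits and the accepted upload types are assumptions for the example.

```javascript
// Added example: allowlist validation for a signup body and a file upload.
// Field names, limits and the accepted upload types are assumptions for the
// example. The shape is the point: reject anything not explicitly allowed,
// including unexpected fields, and judge a file by its bytes, not its name.

const SIGNUP_FIELDS = ["email", "username", "age"];

function validateSignup(body) {
  if (body === null || typeof body !== "object" || Array.isArray(body)) {
    return { ok: false, errors: ["body must be a JSON object"] };
  }
  const errors = [];
  // Unknown fields are rejected: a stray "role" or "isAdmin" must never reach
  // an ORM that copies the request body into the user record.
  for (const key of Object.keys(body)) {
    if (!SIGNUP_FIELDS.includes(key)) errors.push(`unexpected field: ${key}`);
  }
  const { email, username, age } = body;
  if (typeof email !== "string" || email.length > 254 || !/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email)) {
    errors.push("email: invalid");
  }
  if (typeof username !== "string" || !/^[a-z0-9_]{3,32}$/.test(username)) {
    errors.push("username: 3-32 characters from a-z, 0-9, _");
  }
  if (!Number.isInteger(age) || age < 13 || age > 150) errors.push("age: integer in 13-150");
  return errors.length ? { ok: false, errors } : { ok: true, value: { email, username, age } };
}

// Upload policy: filename pattern with exactly one extension (so shell.php.png
// fails), extension allowlist, size cap, and a magic-byte check so that a PHP
// file renamed to .png is still rejected. The client's declared MIME type is
// not consulted; it is attacker-controlled.
const MAX_UPLOAD_BYTES = 5 * 1024 * 1024;
const UPLOAD_MAGIC = {
  png: [0x89, 0x50, 0x4e, 0x47],
  jpg: [0xff, 0xd8, 0xff],
  jpeg: [0xff, 0xd8, 0xff],
  pdf: [0x25, 0x50, 0x44, 0x46], // "%PDF"
};
const isAllowedExt = (ext) => Object.prototype.hasOwnProperty.call(UPLOAD_MAGIC, ext);

function validateUpload(file) {
  const errors = [];
  const name = typeof file.originalName === "string" ? file.originalName : "";
  const m = /^[A-Za-z0-9_-]{1,64}\.([A-Za-z0-9]{1,5})$/.exec(name);
  const ext = m ? m[1].toLowerCase() : null;
  if (!ext) errors.push("filename: letters, digits, _ or -, plus one extension");
  else if (!isAllowedExt(ext)) errors.push(`filename: .${ext} is not an accepted type`);
  const bytes = Buffer.isBuffer(file.bytes) ? file.bytes : Buffer.alloc(0);
  if (bytes.length === 0 || bytes.length > MAX_UPLOAD_BYTES) errors.push("size: empty or over limit");
  if (ext && isAllowedExt(ext) && !UPLOAD_MAGIC[ext].every((b, i) => bytes[i] === b)) {
    errors.push(`content: bytes do not match .${ext}`);
  }
  return errors.length ? { ok: false, errors } : { ok: true, value: { name, ext, size: bytes.length } };
}

// Constructed inputs: a clean signup, a script-tag username with an extra
// privilege field, and an upload whose name says PNG but whose bytes say PHP.
console.log(validateSignup({ email: "a@example.com", username: "alice_1", age: 30 }).ok); // true
console.log(validateSignup({ email: "a@example.com", username: "<script>alert(1)</script>", age: 30, isAdmin: true }).errors);
// [ 'unexpected field: isAdmin', 'username: 3-32 characters from a-z, 0-9, _' ]
console.log(validateUpload({ originalName: "avatar.png", bytes: Buffer.from("<?php echo 1; ?>") }).errors);
// [ 'content: bytes do not match .png' ]
```

The validator returns a new `value` object built only from accepted fields rather than passing `body` through, so nothing the client added survives to the next layer. For real projects a schema library (zod, Joi, ajv) gives the same allowlist discipline with less code; the thing to check in generated code is that the schema exists and is enforced on every route, not just the form the author tested.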
5. Unverified Dependencies
When AI agents suggest packages, developers rarely verify existence, maintenance status, maintainer identity, or dependency trees. Installation succeeds, code works — but 19.7% of packages AI recommends don’t actually exist, and slopsquatting means some have been registered by attackers specifically because AI keeps suggesting them.
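As an added example, not code from the original article: the metadata checks a practitioner runs before installing a package an AI suggested, written as a function over the registry packument. The packument fields used (`time.created`, `maintainers`, `repository`, `dist-tags`, `versions[...].scripts`) are what `https://registry.npmjs.org/<name>` returns and what `npm view <name> --json` prints; the packuments below are constructed, and the thresholds are assumptions for the example.

```javascript
// Added example: vet a dependency from its registry packument before installing.
// The constructed packuments below stand in for https://registry.npmjs.org/<name>.
const DAY_MS = 24 * 60 * 60 * 1000;

// Returns reasons to stop and look. An empty list means no red flags from
// metadata alone; it is not proof the package is benign.
function vetPackument(name, packument, now = Date.now()) {
  if (!packument) {
    return [`${name}: does not exist in the registry (possible hallucinated name)`];
  }
  const flags = [];
  const created = Date.parse(packument.time && packument.time.created);
  if (Number.isNaN(created)) flags.push(`${name}: no creation date`);
  else if (now - created < 90 * DAY_MS) {
    flags.push(`${name}: created ${Math.floor((now - created) / DAY_MS)} days ago`);
  }
  const maintainers = packument.maintainers || [];
  if (maintainers.length < 2) flags.push(`${name}: ${maintainers.length} maintainer(s)`);
  if (!packument.repository) flags.push(`${name}: no repository link`);
  // Install hooks run arbitrary code on `npm install`; slopsquatted packages use them.
  const latest = packument["dist-tags"] && packument["dist-tags"].latest;
  const manifest = latest && packument.versions && packument.versions[latest];
  const scripts = (manifest && manifest.scripts) || {};
  for (const hook of ["preinstall", "install", "postinstall"]) {
    if (scripts[hook]) flags.push(`${name}: runs a ${hook} script: ${scripts[hook]}`);
  }
  return flags;
}

// Constructed registry: one established package, one registered last week by a
// single account with no repository and a postinstall hook. Fixed "now" so the
// day counts are stable.
const NOW = Date.parse("2026-04-01T00:00:00Z");
const constructedRegistry = {
  "example-safe-lib": {
    time: { created: "2016-03-22T00:00:00Z" },
    maintainers: [{ name: "maint-a" }, { name: "maint-b" }],
    repository: { url: "git+https://example.invalid/example-safe-lib.git" },
    "dist-tags": { latest: "1.3.0" },
    versions: { "1.3.0": { scripts: {} } },
  },
  "handy-imports-util": {
    time: { created: "2026-03-25T00:00:00Z" },
    maintainers: [{ name: "newacct" }],
    "dist-tags": { latest: "1.0.0" },
    versions: { "1.0.0": { scripts: { postinstall: "node setup.js" } } },
  },
};
const lookup = (name) => constructedRegistry[name] || null;

for (const name of ["example-safe-lib", "handy-imports-util", "no-such-pkg"]) {
  console.log(name, vetPackument(name, lookup(name), NOW));
}
// example-safe-lib []
// handy-imports-util [ 'handy-imports-util: created 7 days ago',
//   'handy-imports-util: 1 maintainer(s)', 'handy-imports-util: no repository link',
//   'handy-imports-util: runs a postinstall script: node setup.js' ]
// no-such-pkg [ 'no-such-pkg: does not exist in the registry (possible hallucinated name)' ]
```

The "does not exist" result is the slopsquatting tripwire: a name the AI suggested that is absent today may be registered by an attacker tomorrow, so the check belongs in CI, not only at the moment of the first install. `npm install --ignore-scripts` neutralizes the install-hook vector for packages that do not legitimately need it.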
6. Error Handling Revealing Everything
AI-generated error handlers prioritize helpfulness, returning full stack traces, database connection strings, internal file paths, and server configuration details in API error responses. While convenient during development, this information disclosure vulnerability reveals exactly what stack, database, and file structure attackers face.
7. CORS Set to Accept Everything
When developers encounter CORS errors, they prompt for a fix and AI responds with Access-Control-Allow-Origin: *, or with middleware that reflects whatever Origin the request carries and adds Access-Control-Allow-Credentials: true. The error disappears, the application works.
The wildcard alone lets any site on the internet read responses from every endpoint that needs no credentials. Browsers refuse to combine * with credentials, so it is the reflected-origin form that goes further: any website can then make credentialed requests to the API on behalf of a logged-in user (for any session cookie the browser will send cross-site) and read the responses. In both cases the same-origin policy that was protecting the API is gone.
Why This Matters More Than You Think
The individuals most likely to vibe code are those least likely to understand security. This isn’t an insult — it’s the entire value proposition. Vibe coding enables non-developers to build applications. But non-developers don’t understand SQL injection, CORS, or the distinction between functional and secure code.
These applications aren’t all hobby projects. They’re MVPs with real users, internal tools handling employee data, startup products collecting payment information. The stakes are genuinely high, despite limited security awareness.
Minimum Security Practices Before Deployment
For those using vibe coding approaches, essential pre-deployment steps:
Run security scanners using tools like Snyk, Semgrep, or GitHub CodeQL to automatically catch obvious vulnerabilities including hardcoded secrets, vulnerable dependencies, and basic injection patterns.
Manually verify authentication for every route, confirming that endpoints require login when appropriate.
Search codebases for hardcoded strings resembling keys, tokens, passwords, or secrets, moving all to environment variables.
Validate all input by whitelisting allowed content rather than blacklisting dangerous patterns.
Verify every dependency, confirming existence on official package repositories like npm or PyPI and checking maintenance status.
Set proper CORS policies by specifying authorized domains rather than using wildcards.
Remove stack traces from production by logging them server-side while returning generic error messages to clients.
Conclusion
Vibe coding is powerful, democratizing technology for future software development. But it currently ships vulnerabilities at unprecedented scale and speed: 35 CVEs in a single month, 28.65 million exposed secrets in a year, 73% of deployed applications with at least one OWASP Top 10 flaw.
The fundamental question has shifted from “Does it work?” to “Is it safe?” The industry must prioritize security awareness alongside functionality before more user data falls into attackers’ hands.