The AI-driven shift in vulnerability discovery: What maintainers and bug finders need to know
… These are low-impact vulnerabilities that pose few-to-no security risks but take a significant amount of time to investigate. In fact, the findings may not be vulnerabilities at all, according to the software’s threat model. …