Google’s Gemini artificial intelligence-powered Big Sleep system has found further vulnerabilities in popular software, as part of the company’s push towards automated security research.<\/p>\n
<\/p>\n
Vice president of security Heather Adkins outlined a batch of 20 vulnerabilities<\/a>, all rated as priority two (P2) for fixing urgency, and with low, medium and high impact levels if successfully exploited.<\/p>\n They are in an open source graphics layer engine and popular bitmap converter, a multimedia framework and printer filters, an embeddable JavaScript engine, an extended markup language transformer and the Redis in-memory database.<\/p>\n As the vulnerabilities have been reported to maintainers but not yet fixed, details of the flaws are not made public at this stage.<\/p>\n Google security engineering vice president Royal Hansen said the vulnerabilities were found after a large scale run with the Big Sleep AI.<\/p>\n Initial results from a large scale run of @Google<\/a> Big Sleep are here!Our AI agent found a series of vulnerabilities in widely used & reviewed software,demonstrating a new frontier in automated vulnerability discovery.Full details once the issues are fixed: https:\/\/t.co\/9OIAffoatb<\/a><\/p>\n \u2014 Royal Hansen (@royalhansen) August 4, 2025<\/a><\/p>\n Developed with the company’s DeepMind AI division using the Gemini large language model (LLM), the Big Sleep agent found and reproduced the bugs without humain intervention.<\/p>\n