
    Working With DARPA to Secure Open Source Infrastructure: CVE-2026-31789

    The story behind CVE-2026-31789 demonstrates how DARPA and Xint are accelerating AI cyber defenses
    Hector Leano
    May 04, 2026

    From 2024 to 2025, DARPA, in collaboration with ARPA-H, hosted the Artificial Intelligence Cyber Challenge (AIxCC), a two-year, $29.5 million competition bringing together some of the top offensive security researchers in the world. The team behind Xint.io came out as one of the big winners of the competition, with a $1.5M prize.

    But DARPA wanted to ensure that the innovation coming out of AIxCC continued even after the contest was done. As a result, DARPA set up a bounty program for the top performers to use the technology developed as part of the competition to find severe vulnerabilities in the open source projects that undergird the modern internet.

    Said DARPA Director Stephen Winchell, “finding vulnerabilities and patching codebases using current methods is slow, expensive, and depends on a limited workforce – especially as adversaries use AI to amplify their exploits. AIxCC-developed technology will give defenders a much-needed edge in identifying and patching vulnerabilities at speed and scale.”

    As a result of the post-AIxCC program, Xint.io found CVE-2026-31789 in OpenSSL, a heap buffer overflow that could lead to a crash or even attacker-controlled code execution on one of the most widely deployed open-source cryptographic toolkits.

    Our single scan of over 600k code lines in under 6 hours uncovered 411 possible vulns. Because of the trigger/impact reports provided by the Xint scan, we were able to PoC 14 of the top 17 (by severity) crits in less than an hour, with only 3 coming out as false positives (Xint Code has a baseline FP below 25%). Given the constraints on project maintainers, we submitted only CVE-2026-31789 along with a PoC so that they could focus remediation on an impactful threat. 

    Xint continues to work with state and federal agencies to secure critical applications and codebases. With the security teams of each of these organizations tasked with defending hundreds of thousands of servers, domains, and APIs, AI has become the only way to defend all these endpoints at the scale and depth needed, especially as attackers have embraced AI in their own tactics.

