2025 Annual Report: 153 Publicly Disclosed Vulnerabilities & 0 False Positives

In 2025, ZAST.AI redefined what’s possible in static analysis. It successfully identified and verified critical logic flaws in enterprise infrastructure including Microsoft Azure SDK, Alibaba Nacos, Apache Struts2, Apache Commons, Koa, Langfuse, Node-Formidable, WordPress and more.

🔍 153 Vulnerabilities Publicly Disclosed
🔒 119 CVEs Assigned
🎯 0 False Positives

Every alert backed by an executable PoC. No noise. Just proof.

🔗 https://blog.zast.ai/research/vulnerability%20reports/cybersecurity/The-2025-Bug-Hunter-Report-How-ZAST.AI-Uncovered-115+-Verified-CVE