6 Sources
[1]
Google DeepMind minds the patch with AI flaw-fixing scheme
CodeMender has been generating fixes for vulnerabilities in open source projects

Google says its AI-powered security repair tool CodeMender has been helping secure open source projects through automated patch creation, subject to human approval. The Chocolate Factory is already convinced that its AI-driven fuzzing tool, OSS-Fuzz, can find software vulnerabilities that humans miss. CodeMender closes the loop by proposing fixes for flawed code.

CodeMender is based on the company's Gemini Deep Think model. According to Raluca Ada Popa, senior staff research scientist at Google's DeepMind, and John "Four" Flynn, VP of security at DeepMind, the AI-based agent can identify the root cause of a vulnerability and can generate and review an appropriate patch before final human sign-off.

"Over the past six months that we've been building CodeMender, we have already upstreamed 72 security fixes to open source projects, including some as large as 4.5 million lines of code," wrote Popa and Flynn in a blog post.

Other AI bug-hunting systems have also demonstrated that they can help repair vulnerabilities when wielded by knowledgeable security practitioners. Google's AI folk argue that attackers are already using AI models to help them craft attacks, so it's necessary for defenders to arm themselves similarly.

CodeMender is described as an agent because it's not simply a large language model (e.g. Gemini). It has access to a variety of tools for tasks like static analysis, dynamic analysis, differential testing, fuzzing, and SMT analysis. These allow the agentic system to assess the underlying root cause of the vulnerability and to verify the proposed patch so it doesn't introduce regressions.

Popa and Flynn say that CodeMender has proven useful not only for fixing vulnerabilities, but also for rewriting existing code to use more secure data structures as a proactive form of defense.
They point to how CodeMender was used to apply annotations to portions of an image compression library called . The annotations tell the compiler to add a bounds check to the code, which prevents the exploitation of buffer overflow or underflow conditions. Had these been in place two years ago when a heap buffer overflow vulnerability in (CVE-2023-4863) was abused, iOS users would not have been affected by the zero-click exploit, DeepMind claims.

The DeepMinders say that while CodeMender's early results show promise, the system's patches are all being vetted by humans for the sake of reliability. They hope at some point to release CodeMender to the general public.

Google has also launched a dedicated AI Vulnerability Reward Program (VRP) that revises and clarifies the rules related to AI bugs that were issued under its Abuse VRP in 2023. AI issues reported under the Abuse VRP have led to payouts totalling more than $430,000 to date. The top award under the AI VRP is $20,000.

In addition, the search biz has updated its Secure AI Framework to SAIF 2.0, with new details on the risks posed by AI agents. Google's SAIF 2.0 guidelines for AI agents recall sci-fi author Isaac Asimov's three laws of robotics: "agents must have well-defined human controllers, their powers must be carefully limited, and their actions and planning must be observable." Expect that advice to be ignored with the same enthusiasm that put robocars on US streets. ®
[2]
Google's New AI Doesn't Just Find Vulnerabilities -- It Rewrites Code to Patch Them
Google's DeepMind division on Monday announced an artificial intelligence (AI)-powered agent called CodeMender that automatically detects, patches, and rewrites vulnerable code to prevent future exploits. The effort adds to the company's ongoing efforts to improve AI-powered vulnerability discovery, such as Big Sleep and OSS-Fuzz. DeepMind said the AI agent is designed to be both reactive and proactive, by fixing new vulnerabilities as soon as they are spotted as well as rewriting and securing existing codebases with an aim to eliminate whole classes of vulnerabilities in the process.

"By automatically creating and applying high-quality security patches, CodeMender's AI-powered agent helps developers and maintainers focus on what they do best -- building good software," DeepMind researchers Raluca Ada Popa and Four Flynn said. "Over the past six months that we've been building CodeMender, we have already upstreamed 72 security fixes to open source projects, including some as large as 4.5 million lines of code."

CodeMender, under the hood, leverages Google's Gemini Deep Think models to debug, flag, and fix security vulnerabilities by addressing the root cause of the problem, and validate them to ensure that they don't trigger any regressions. The AI agent, Google added, also makes use of a large language model (LLM)-based critique tool that highlights the differences between the original and modified code in order to verify that the proposed changes do not introduce regressions, and self-correct as required. Google said it also intended to slowly reach out to interested maintainers of critical open-source projects with CodeMender-generated patches, and solicit their feedback, so that the tool can be used to keep codebases secure.
The development comes as the company said it's instituting an AI Vulnerability Reward Program (AI VRP) to report AI-related issues in its products, such as prompt injections, jailbreaks, and misalignment, and earn rewards that go as high as $30,000. In June 2025, Anthropic revealed that models from various developers resorted to malicious insider behaviors when that was the only way to avoid replacement or achieve their goals, and that LLM models "misbehaved less when it stated it was in testing and misbehaved more when it stated the situation was real." That said, policy-violating content generation, guardrail bypasses, hallucinations, factual inaccuracies, system prompt extraction, and intellectual property issues do not fall under the ambit of the AI VRP. Google, which previously set up a dedicated AI Red Team to tackle threats to AI systems as part of its Secure AI Framework (SAIF), has also introduced a second iteration of the framework to focus on agentic security risks like data disclosure and unintended actions, and the necessary controls to mitigate them. The company further noted that it's committed to using AI to enhance security and safety, and use the technology to give defenders an advantage and counter the growing threat from cybercriminals, scammers, and state-backed attackers.
[3]
DeepMind's CodeMender uses AI to fix software flaws
DeepMind plans wider developer release once CodeMender's reliability is confirmed

Google DeepMind has revealed CodeMender, an artificial intelligence agent it says can automatically detect and fix software vulnerabilities before they are exploited by hackers. Google's AI research arm says the new tool can secure open source projects by generating patches which can be applied once they've been reviewed by human researchers. CodeMender builds on DeepMind's Gemini Deep Think model and uses multiple analysis tools, including fuzzing, static analysis, and differential testing, to identify root causes of bugs and prevent regressions.

Raluca Ada Popa, senior staff research scientist at DeepMind, and John "Four" Flynn, its vice president of security, said the system had already delivered dozens of fixes. "Over the past six months that we've been building CodeMender, we have already upstreamed 72 security fixes to open source projects, including some as large as 4.5 million lines of code," Popa and Flynn wrote in a DeepMind blog post.

The company says CodeMender can act both reactively and proactively, repairing discovered flaws and rewriting code to remove classes of vulnerabilities entirely. The system should ultimately be able to reduce the security maintenance workload by validating its own patches before sending them for human review. The review step is something that Google is keen to stress, noting CodeMender isn't there to replace humans, but rather to act as a helpful agent and expand the increasing volume of vulnerabilities that automated systems can detect.

In one case, the team says CodeMender automatically applied -fbounds-safety annotations to parts of the libwebp image compression library, a step DeepMind claims would have prevented past exploits. The annotations force the compiler to check buffer boundaries, lowering the risk of overflow-based attacks.
The developers also acknowledge the growing use of AI by malicious actors and argue that defenders need equivalent tools. DeepMind plans to expand testing with open source maintainers and, once its reliability is properly proven, hopes to release CodeMender for wider developer use. Google has also revised its Secure AI Framework and launched a new Vulnerability Reward Program for AI-related flaws.
[4]
Google DeepMind introduces new AI agent for code security
Using advanced AI to fix critical software vulnerabilities

Today, we're sharing early results from our research on CodeMender, a new AI-powered agent that improves code security automatically. Software vulnerabilities are notoriously difficult and time-consuming for developers to find and fix, even with traditional, automated methods like fuzzing. Our AI-based efforts like Big Sleep and OSS-Fuzz have demonstrated AI's ability to find new zero-day vulnerabilities in well-tested software. As we achieve more breakthroughs in AI-powered vulnerability discovery, it will become increasingly difficult for humans alone to keep up.

CodeMender helps solve this problem by taking a comprehensive approach to code security that's both reactive, instantly patching new vulnerabilities, and proactive, rewriting and securing existing code and eliminating entire classes of vulnerabilities in the process. Over the past six months that we've been building CodeMender, we have already upstreamed 72 security fixes to open source projects, including some as large as 4.5 million lines of code. By automatically creating and applying high-quality security patches, CodeMender's AI-powered agent helps developers and maintainers focus on what they do best -- building good software.

CodeMender operates by leveraging the thinking capabilities of recent Gemini Deep Think models to produce an autonomous agent capable of debugging and fixing complex vulnerabilities. To do this, the CodeMender agent is equipped with robust tools that let it reason about code before making changes, and automatically validate those changes to make sure they're correct and don't cause regressions.
[5]
Google DeepMind unveils CodeMender, an AI agent that autonomously patches software vulnerabilities - SiliconANGLE
Alphabet Inc.'s Google DeepMind lab today shared results for CodeMender, an artificial intelligence-powered agent that automatically detects, patches and rewrites vulnerable code to prevent future exploits. CodeMender builds on DeepMind's previous AI-based vulnerability discovery projects such as Big Sleep and OSS-Fuzz, by combining the reasoning power of Gemini Deep Think models with advanced program analysis techniques. The aim is to debug and repair complex security flaws autonomously across massive codebases.

While still only in a research phase, CodeMender has already submitted 72 security fixes to open-source projects, including those spanning more than 4.5 million lines of code. According to DeepMind, CodeMender's AI-powered agent helps developers and maintainers focus on what they do best -- building good software -- by automatically creating and applying high-quality security patches.

CodeMender is designed to be both reactive and proactive by instantly patching discovered vulnerabilities and also rewriting existing code to eliminate entire classes of flaws. In one example, the agent applied "-fbounds-safety" annotations to the libwebp image compression library, the same library exploited in a 2023 zero-click iOS attack. In doing so, it rendered similar buffer overflow vulnerabilities "unexploitable forever," according to DeepMind researchers.

Under the hood, CodeMender uses a suite of tools including static and dynamic analysis, fuzzing, symbolic reasoning and an "LLM judge" that validates whether proposed changes preserve functionality. When validation detects an issue, the system can self-correct automatically before surfacing its final patch for human review; all changes are verified for correctness, adherence to style guidelines and lack of regressions before submission.

DeepMind notes that CodeMender remains a research effort and that "all patches generated by CodeMender are reviewed by human researchers before they're submitted upstream." The DeepMind team plans to expand outreach to open-source maintainers and "hopes to release CodeMender as a tool that can be used by all software developers to keep their codebases secure," with technical papers detailing the agent's architecture and validation pipeline to follow.

If and when it's released, CodeMender stands in contrast to traditional methods like static analysis and fuzzing that can surface vulnerabilities but still rely heavily on human expertise to validate and repair them. CodeMender's approach points toward a future where AI systems can handle discovery and remediation, which is arguably a critical step as modern codebases grow exponentially in size and complexity.
[6]
Google DeepMind's CodeMender Can Now Fix Security Bugs Automatically
DeepMind said CodeMender is not available to the public at this time

Google DeepMind, on Monday, introduced CodeMender, an artificial intelligence (AI) agent designed to automatically detect and fix security vulnerabilities in software code. The AI system can not only identify bugs but also suggest and verify patches, eliminating the need for manual intervention. This means developers can hand over the reins to CodeMender, and it will not require further input. DeepMind highlights that the AI agent is capable of working both reactively by repairing existing security flaws and proactively by rewriting parts of code to prevent future vulnerabilities.

Google DeepMind's New AI Agent Can Tackle Security Flaws in Code

The company says that fixing vulnerabilities in software is one of the most time-consuming and difficult tasks using traditional means. AI systems have also not been a great help in this area, since it requires understanding the logic and context of thousands of lines of code and detecting a wide range of flaws. Since these are not software-crashing bugs, deployment-based tests are also not useful here.

CodeMender, the company claims, is capable of understanding the logic and structure of complex software. It analyses source code, identifies weak points that could lead to potential exploits, and generates secure fixes. After a patch is proposed, the AI agent tests it to ensure that the vulnerability is resolved and no new issues are added. DeepMind's system also self-corrects if a patch fails verification, iterating until the change meets security and functionality standards. It can work both reactively and proactively, and the latter is useful to create defences against potential risks. DeepMind claims that CodeMender can rewrite code to follow safer programming practices, allowing developers to address entire classes of vulnerabilities before they can cause harm.
Highlighting its real-world efficiency, the company claimed that the AI agent was able to find 72 verified security patches across major open-source software in a six-month trial period. It was able to suggest fixes for memory mismanagement, buffer overflows, and unsafe data handling. DeepMind claims some of these projects were as large as 4.5 million lines of code. CodeMender is currently a research project, and isn't available to the general public. Currently, every patch generated by the AI agent is reviewed by human researchers before they are submitted upstream. The techniques used for this system and the results from the trials will be published in technical papers and reports in the coming months.
Google DeepMind introduces CodeMender, an AI-powered agent that automatically detects, patches, and rewrites vulnerable code. This innovative tool aims to enhance software security by addressing both existing and potential vulnerabilities in open-source projects.
Google DeepMind has unveiled CodeMender, an innovative artificial intelligence (AI) agent designed to revolutionize software security. This cutting-edge tool automatically detects, patches, and rewrites vulnerable code to prevent future exploits, marking a significant advancement in the field of AI-powered security solutions.
CodeMender leverages Google's Gemini Deep Think models and employs a comprehensive approach to code security that is both reactive and proactive. The AI agent can instantly patch newly discovered vulnerabilities while also rewriting and securing existing code to eliminate entire classes of vulnerabilities.
The system utilizes a variety of advanced tools and techniques, including:

This multi-faceted approach allows CodeMender to identify the root causes of vulnerabilities, generate appropriate patches, and validate the proposed changes to ensure they don't introduce regressions.

In the six months since its development began, CodeMender has already made significant contributions to open-source software security:
One notable example of CodeMender's proactive capabilities is its application of '-fbounds-safety' annotations to the libwebp image compression library. This modification would have prevented past exploits, such as the 2023 zero-click iOS attack (CVE-2023-4863), by forcing the compiler to check buffer boundaries and lowering the risk of overflow-based attacks.
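The -fbounds-safety annotations described in the sources above, shown as an added C example that is not libwebp's code or CodeMender's output: a constructed row buffer whose pointer carries a __counted_by bound, next to an explicit check that does by hand what the instrumented compiler inserts at every access. The no-op __counted_by fallback macro and the row_buf/probe helpers are assumptions so the file also builds without Clang's extension.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Clang's -fbounds-safety supplies __counted_by via <ptrcheck.h>; elsewhere it
   is defined here as a no-op so the annotation still compiles and documents the
   bound for readers (assumed fallback, not part of libwebp). */
#ifndef __counted_by
#define __counted_by(n)
#endif

/* Constructed stand-in for a decoded image row: 'width' bounds 'data'. Under
   -fbounds-safety the compiler traps on any data[idx] where idx >= width. */
struct row_buf {
    size_t width;
    uint8_t *__counted_by(width) data;
};

/* Explicit form of the check the instrumented build performs on every access:
   reject the index instead of reading past the allocation. */
static bool row_get_checked(const struct row_buf *r, size_t idx, uint8_t *out) {
    if (r == NULL || r->data == NULL || idx >= r->width)
        return false;
    *out = r->data[idx];
    return true;
}

/* Bounded copy into the row: at most 'width' bytes, never 'n' bytes blindly.
   Returns how many bytes were written so a caller can detect truncation. */
static size_t row_fill(struct row_buf *r, const uint8_t *src, size_t n) {
    size_t m = n < r->width ? n : r->width;
    memcpy(r->data, src, m);
    return m;
}

/* Constructed 8-byte backing store used by the probes below. */
static uint8_t storage[8] = {10, 11, 12, 13, 14, 15, 16, 17};

/* Returns the byte at idx for a row of the given width, or -1 if rejected. */
static int probe_value(size_t width, size_t idx) {
    struct row_buf r = { width, storage };
    uint8_t v;
    return row_get_checked(&r, idx, &v) ? (int)v : -1;
}

/* Returns how many of n source bytes a row of the given width accepted. */
static size_t probe_fill(size_t width, size_t n) {
    static const uint8_t src[16] = {0};
    struct row_buf r = { width, storage };
    return row_fill(&r, src, n);
}
```

Built with Clang and -fbounds-safety, the same out-of-range index that row_get_checked rejects would trap at r->data[idx] even in code that forgot the check.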
While CodeMender demonstrates impressive autonomous capabilities, Google DeepMind emphasizes the importance of human oversight in the process. All patches generated by the AI agent are currently reviewed by human researchers before being submitted upstream.

As the system's reliability is further proven, Google DeepMind plans to:
The development of CodeMender reflects the growing importance of AI in cybersecurity. As malicious actors increasingly leverage AI for attacks, tools like CodeMender aim to give defenders an equivalent advantage.

Google has also updated its Secure AI Framework (SAIF) to version 2.0, addressing agentic security risks and necessary controls. Additionally, the company has launched a dedicated AI Vulnerability Reward Program, offering rewards up to $30,000 for reporting AI-related issues in its products.

CodeMender represents a significant step forward in AI-powered software security, potentially reducing the workload on human developers and improving the overall security of open-source projects. As the tool continues to develop and prove its reliability, it could become an invaluable asset in the ongoing battle against software vulnerabilities and cyber threats.
Summarized by Navi