One in Five Organizations Report LLM Security Incidents Amid High-Risk Vulnerabilities

Severity: High (Score: 64.5)

Sources: cts.businesswire.com, Streetinsider, Businesswire

Summary

According to the Cobalt State of Pentesting Report published on April 21, 2026, one in five organizations experienced a security incident related to large language models (LLMs) in the past year. The report indicates that 32% of AI/LLM vulnerabilities are rated as high-risk, which is nearly 2.7 times higher than the overall vulnerability rate of 12%. Additionally, LLMs have the lowest resolution rate of any application type, with only 38% of high-risk issues being addressed. The report surveyed 450 security professionals and analyzed pentesting data from over 2,700 organizations. A decline in security teams' confidence was noted, dropping from 64% to 51% regarding their ability to manage AI security risks. Furthermore, 61% of professionals expressed a desire for a strategic pause to reassess defenses against AI threats, although this is deemed unrealistic given the pressure to adopt AI technologies. The report emphasizes the need for organizations to proactively engage in continuous pentesting to identify vulnerabilities before they can be exploited. Key Points: • 32% of AI/LLM vulnerabilities are rated as high-risk, significantly higher than other vulnerabilities. • Only 38% of high-risk issues in LLMs are resolved, indicating a critical gap in security. • 61% of security professionals want a strategic pause to address AI-driven threats, highlighting growing concerns.

Key Entities

• businesswire.com (domain)
• kesscomm.com (domain)