Orca Security Report: 99.9% of Fixable AI Vulnerabilities Remain Unpatched as AI Moves Into Production

Orca Security, a leader in cloud and AI security, today released its 2026 State of AI Security Report, offering a first-hand view into how AI is being deployed across more than 1,200 production cloud environments. The findings show AI is no longer limited to isolated pilots or developer experiments. Organizations are embedding AI into production applications, cloud services, and autonomous workflows faster than security programs can adapt.

More than half (56%) of organizations have already deployed AI agents into production, while 51% use AI to build custom applications. At the same time, Orca found that 81% of organizations run vulnerable AI packages, and 99.9% of fixable AI vulnerabilities remain unpatched, highlighting how quickly AI has become operational infrastructure without corresponding security maturity.

The report also reveals that AI environments are rapidly becoming more interconnected and business critical. Among organizations adopting AI, 64% now run vector databases, 55% operate four or more AI services simultaneously, and between 87% and 98% of AI workloads across the three major cloud providers lack customer-managed encryption. Together, these findings show that organizations are no longer securing standalone AI tools. They are securing complex AI ecosystems connected to enterprise data, cloud services, identities, and production workflows.

“What surprised us wasn’t simply how fast AI adoption has grown. It was how deeply AI is now woven into production cloud environments,” said Gil Geron, CEO and Co-Founder of Orca Security. “We aren’t just seeing isolated models. We’re seeing AI agents connected to enterprise data, interacting with identities, calling cloud services, and becoming part of business-critical workflows. AI is no longer an experiment. It’s production infrastructure. The number of builders has increased exponentially and organizations need security that provides complete visibility and the confidence to innovate at AI speed without introducing unnecessary risk.”

AI Has Become Production Infrastructure Before Security Was Ready

The report finds AI has evolved beyond standalone models into an interconnected production ecosystem spanning cloud services, AI agents, vector databases, development tools, and autonomous workflows. While this transformation enables organizations to innovate faster, it also expands the attack surface in ways traditional security programs were never designed to address.

Among the report’s key findings:

  • 81% of organizations using AI packages have at least one known vulnerability, up from 62% in Orca’s 2024 report.

  • 50% of AI package vulnerabilities now have a publicly available exploit, a 250-fold increase over 2024.

  • 99.9% of AI vulnerabilities with an available fix remain unpatched.

“AI has introduced an entirely new operational layer into cloud environments,” said Nir Mashal, Chief Information Security Officer at Orca Security. “Organizations now have agents making decisions, vector databases connected to enterprise data, and AI services spread across multiple cloud providers. Security teams need unified visibility across that entire environment, paired with automated prevention, to understand where risk actually exists and stop attackers before damage is done.”

Progress Is Measurable When Organizations Treat AI Like Production Infrastructure

Despite persistent gaps, the research also highlights meaningful progress where organizations have focused security investments. Since Orca’s previous AI report, the percentage of Amazon SageMaker environments running with root access has declined from 98% to 76%, while insecure IMDSv2 configurations dropped from 77% to 48%. These improvements demonstrate that applying production-grade operational discipline to AI environments produces measurable security gains.

The report recommends organizations treat AI as production infrastructure by extending existing security practices across the AI lifecycle, including vulnerability management, credential protection, least-privilege access, encryption, AI-specific monitoring, and governance. The urgency is increasing as new regulations take effect, including the EU AI Act’s high-risk obligations beginning August 2, 2026, and Colorado’s amended AI law taking effect January 1, 2027.

“The organizations making the most progress are treating AI like every other critical production system,” added Geron. “That means applying consistent visibility, governance, least-privilege access, and remediation across the entire AI lifecycle. Security can’t be something you add after deployment. It has to be built into how teams develop and scale AI.”

The 2026 State of AI Security Report analyzes aggregated, anonymized telemetry from more than 1,200 production organizations collected during Q2 2026. The research examines AI cloud services, AI package vulnerabilities, identities and secrets, AI agents, vector databases, encryption, and governance across AWS, Microsoft Azure, and Google Cloud. The full report is available at: https://orca.security/lp/2026-state-of-ai-security-report/.

About Orca Security

Orca Security delivers security for the companies that build. As cloud, applications, AI and app generation expand the attack surface, Orca transforms security risk into the context teams need to act. The Orca Platform provides complete visibility across cloud, AI, and application environments, correlates risk across every layer, and prioritizes the exposures that matter most so organizations can remediate faster and innovate with confidence. Trusted by hundreds of organizations, including SAP, Autodesk, Gannett, Lemonade, and Digital Turbine, Orca is backed by leading investors including Temasek, CapitalG, ICONIQ Capital, and Redpoint Ventures. Learn more at orca.security. Connect your first account in minutes: https://orca.security or book a personalized demo.

Media gallery