On May 22, 2026, Cisco announced it is rewriting one of the oldest unwritten rules of enterprise software security: that every internally discovered vulnerability with a meaningful CVSS score gets its own public advisory. From now on, lower-severity bugs that Cisco finds inside its own products may roll up into release notes instead of standalone disclosures, with detailed write-ups reserved for issues that are critical, actively exploited, or assessed as likely to be exploited. Customers will be directed to install the security-hardened release rather than read about each individual fix.
Cisco is not retreating from disclosure. It is admitting, in public, that the volume of vulnerabilities its own AI tooling is now finding has crossed the line where one-advisory-per-bug stops being useful — and started being noise. That admission is the real story.
In a May 22 post on the Cisco Security blog, Russ Smoak, the VP running Cisco's Security Assurance & Response group, is explicit. Frontier AI models are being deployed inside Cisco's security engineering teams to find and fix vulnerabilities, in his words, at a pace previously unattainable. The same models are being aimed at Cisco's products in red-team simulations. The internal disclosure pipeline — which assumes a human researcher reads each finding and a human author writes each advisory — cannot scale to the volume those models produce. So Cisco is changing it.
The mechanism is straightforward once you see it. Frontier reasoning models trained on cybersecurity work (think Anthropic's Claude Mythos, Google's Gemini and OpenAI's GPT-5.5-Cyber — the same class of model your developers may be using to write code) are unusually good at spotting semantic logic flaws: the kind of subtle bug where a function trusts an input it should not, or where a permission check happens after the action it was supposed to gate. Traditional fuzzers — the automated tools that brute-force a program with random inputs — stumble on those. The models can read the surrounding code and reason about what it is meant to do. Point one at a large codebase and it returns hundreds of plausible findings; most are noise, some are real, and the real ones may have been dormant in production for years. The result is a flood.
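As an added illustration of the "permission check after the action" class just described (a constructed toy example, not code from the Cisco post or any Cisco product; the store, user names and function names are hypothetical), the vulnerable version and its gated form side by side. A caller that only watches the return or the exception sees the same "denied" outcome from both, which is exactly why a fuzzer misses it and a model reading the code does not:

```python
# Constructed example: a check-after-action logic flaw versus the gated fix.
from dataclasses import dataclass, field


class PermissionDenied(Exception):
    pass


@dataclass
class Store:
    files: dict = field(default_factory=dict)   # name -> contents
    audit: list = field(default_factory=list)   # side effects that happened


ADMINS = {"alice"}  # constructed sample data: only alice may delete


def delete_file_vulnerable(store, user, name):
    """Deletes first, authorizes second. The caller still gets a
    PermissionDenied, so black-box testing reports 'denied', but the file
    is already gone and the audit trail already records the deletion."""
    removed = store.files.pop(name, None)
    store.audit.append(("delete", user, name))
    if user not in ADMINS:
        raise PermissionDenied(user)
    return removed


def delete_file_fixed(store, user, name):
    """The authorization check gates the action: on denial nothing changes."""
    if user not in ADMINS:
        raise PermissionDenied(user)
    removed = store.files.pop(name, None)
    store.audit.append(("delete", user, name))
    return removed


def run_case(fn, user="mallory"):
    """Run one deletion attempt against a fresh store and report
    (was_denied, file_still_present, number_of_audit_entries)."""
    store = Store(files={"secret.txt": b"..."})
    denied = False
    try:
        fn(store, user, "secret.txt")
    except PermissionDenied:
        denied = True
    return denied, "secret.txt" in store.files, len(store.audit)
```

Comparing `run_case(delete_file_vulnerable)` with `run_case(delete_file_fixed)` shows both denying the request while only the vulnerable version has lost the file, which is the observable difference a review has to reason about rather than observe from outside.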
For two decades the operating assumption inside security teams has been simple: a published CVE is the fundamental unit of vulnerability awareness. You subscribe to the NVD feed (the US National Vulnerability Database — the canonical CVE index), you watch your intake, you patch what scores high. That model assumed disclosure volumes humans could write and humans could read. Cisco's change — and the parallel shifts visible at Mozilla, Microsoft, Apache, and Palo Alto — is the first public concession that the assumption no longer holds. The flood is real, and the existing rails cannot carry all of it.
For your team, the practical consequence is this: if you still treat "check the CVE feed Monday morning" as the primary signal for patching Cisco products, you will increasingly miss fixes that ship inside release notes instead of advisories. The vendor will tell you in the release notes; it will not tell you on the CVE feed. Meanwhile attackers using the same class of AI tools are compressing the time from disclosure to exploitation — Mandiant's M-Trends 2026 found 28.3% of CVEs are now exploited within 24 hours. The whole timeline is shifting at once: more bugs found, fewer of them announced individually, faster exploitation when they are.
Cisco did not change its disclosure rules because it wanted to share less. It changed them because frontier AI models are finding more bugs than the human disclosure pipeline can describe. Expect every major vendor to make a version of the same move in the next twelve months. The defensive job — patch what matters, fast — is unchanged. The signal you trust to know what matters is.