AI May Fix a 15-Year-Old Bug It Helped Spread

Researchers Turn to AI to Fix a Zombie Flaw that AI Helped Propagate Rashmi Ramesh (rashmiramesh_) • June 11, 2025

Artificial intelligence tools that inadvertently perpetuated a decade-old bug may now also help eliminate it.

See Also: Taming Cryptographic Sprawl in a Post-Quantum World

A developer in 2010 published a small code snippet as a GitHub Gist to show how to create a static file server in Node.js. It included a subtle path traversal vulnerability allowing attackers to navigate outside a designated directory. Over time, the insecure pattern propagated through Stack Overflow answers, blog posts, university tutorials and even production repositories of major companies.

Over the years, it became so embedded in developer culture that it found its way into training data for today’s AI models.

"We are not 100% sure that the 2010 Gist is the original source, but it's the earliest instance ...