BlockBeats News, July 11th. The Ethereum Foundation revealed that its protocol security team used an AI agent to conduct vulnerability research on Ethereum client software to enhance network security. During the testing phase, the AI successfully discovered a vulnerability in the Gossipsub message propagation protocol that allowed remote attacks to trigger node program crashes, causing validator nodes to go offline. Currently, the vulnerability has been patched and assigned CVE-2026-34219.
However, the Ethereum Foundation pointed out that the biggest challenge for AI is not finding vulnerabilities but distinguishing between real vulnerabilities and false positives. AI not only generates vulnerability descriptions, impact analyses, and attack code but may also raise seemingly reasonable yet non-existent issues, requiring further validation by security researchers. The Foundation summarized three common types of false positives, including crashes only seen in a testing environment, attack paths that cannot be exploited in a real-world scenario, and invalid proofs in formal verification.
Furthermore, the Ethereum Foundation believes that AI is currently better at analyzing single-code issues but still has limited ability to identify complex attack chains formed by multiple legitimate operations, which are the main reasons behind attacks on multiple cryptographic protocols this year. In the future, the Ethereum Foundation plans to use AI to assist in generating potential attack paths, combine them with manual and automated testing for validation, to further enhance vulnerability discovery efficiency and accuracy.
