Intruder shows how current AI models can be combined with code-scanning frameworks like Joern to find real, exploitable vulnerabilities in production software, rather than just theoretical weaknesses. The team fully automated discovery and exploitation of a remote, multi-stage SQL injection zero-day in the Creative Mail WordPress plugin, affecting sites that also run WooCommerce. #Intruder #Joern #CreativeMail #WooCommerce #CVE-2026-3985
Keypoints
- AI is being used today to find real vulnerabilities, not just hypothetical ones.
- Large codebases create too much noise for direct LLM analysis.
- Joern is used to generate focused code slices for triage.
- The pipeline automatically moved from finding a bug to producing an exploit.
- The first discovered issue was CVE-2026-3985 in Creative Mail.