Google revealed on July 16 that Big Sleep, its AI agent that finds unknown security vulnerabilities, recently discovered a critical security flaw in SQLite. The vulnerability was only known to threat actors and was at risk of being exploited.
“Through the combination of threat intelligence and Big Sleep, Google was able to predict that a vulnerability was imminently going to be used, and we were able to cut it off beforehand,” the company said.
Google also stated that this is the first time an AI agent has been used to foil efforts to exploit a vulnerability in the wild directly.
The vulnerability, tracked as SQL CVE-2025-6965, was described as “an attacker who can inject arbitrary SQL statements into an application might be able to cause an integer overflow resulting in read off the end of an array”.
Google Big Sleep was announced last year and was developed by Google DeepMind and Google Project Zero. Last November, it was able to find its first real-world security vulnerability.
Moreover, Google announced new AI security features on the same day. The company is enhancing Timesketch, its open-source digital forensic platform, with agentic capabilities. This will speed up incident response by automating the initial forensic investigation using AI.
“We have always believed in AI’s potential to make the world safer, but over the last year, we have seen real leaps in its capabilities, with new tools redefining what lasting and durable cybersecurity can look like,” Google stated.
The post Google’s AI Agent Finds a Critical Security Flaw in SQLite appeared first on Analytics India Magazine.
