2026 Cloud & AI Security Risk Report highlights widespread third‑party code vulnerabilities, ghost credentials, and over‑privileged AI identities
Tenable, the exposure management company, has released its Cloud and AI Security Risk Report 2026, revealing a widening AI exposure gap that is being accelerated by third‑party code dependencies, fragmented identity controls, and rapid AI integration across enterprise environments. The report warns that organizations are accumulating risk at a pace that far exceeds their ability to assess or mitigate it.
As engineering teams adopt AI models, MCP‑based third‑party packages, and cloud‑native services at unprecedented speed, Tenable found that exposure has become increasingly invisible, deeply embedded across applications, identities, agents, workloads and data pipelines.

“Organizations are inheriting AI risk faster than they can secure it.”
— Liat Hayun, SVP, Product Management & Research, Tenable
A striking 86% of organizations were found to be running third‑party packages with critical‑severity vulnerabilities, while 13% had deployed components with known compromise histories, such as the s1ngularity or Shai‑Hulud worms. Supply chain complexity is further compounded by the discovery that 70% of enterprises have integrated at least one AI or MCP third‑party package without centralized security oversight.
Identity risk is also escalating rapidly.
- 65% of organizations possess dormant or unrotated “ghost” cloud secrets, with 17% tied to critical admin privileges.
- Non‑human identities such as AI agents and service accounts now account for 52% of high‑risk exposures, surpassing human users.
- Nearly 49% of identities with critical‑severity excessive permissions are inactive.
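As an added check (example code written for this edit, not Tenable's code or the report's methodology), the classifier below applies the three identity categories listed above to a credential inventory: dormant or unrotated “ghost” secrets, ghost secrets that still carry admin privileges, and inactive identities holding excessive permissions. The 90‑day windows, the record fields and the sample inventory are assumptions constructed for the example; a real run would read the same fields from a cloud provider's credential report.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

# Thresholds are assumptions for this example, not figures from the report.
DORMANT_AFTER = timedelta(days=90)   # no recorded use within this window -> dormant
ROTATE_AFTER = timedelta(days=90)    # credential older than this -> unrotated


@dataclass
class Credential:
    principal: str
    kind: str                      # "human" or "non-human" (service account, AI agent)
    created: datetime
    last_used: Optional[datetime]  # None -> never used since creation
    admin: bool                    # carries critical admin privileges
    excessive_perms: bool          # granted far more than it has ever exercised


def classify(cred: Credential, now: datetime) -> list[str]:
    """Return the finding tags that apply to a single credential."""
    tags = []
    if cred.last_used is None or now - cred.last_used > DORMANT_AFTER:
        tags.append("dormant")
    if now - cred.created > ROTATE_AFTER:
        tags.append("unrotated")
    # A "ghost" secret is one that is dormant or unrotated; the dangerous
    # subset is a ghost that still carries admin privileges.
    if tags and cred.admin:
        tags.append("ghost-admin")
    # Excessive permissions on an identity nobody uses are pure attack surface.
    if cred.excessive_perms and "dormant" in tags:
        tags.append("inactive-excessive")
    return tags


def summarize(creds: list[Credential], now: datetime) -> dict[str, int]:
    """Count flagged principals per category and by human / non-human kind."""
    counts = {"ghost": 0, "ghost_admin": 0, "inactive_excessive": 0,
              "flagged_human": 0, "flagged_non_human": 0}
    for cred in creds:
        tags = classify(cred, now)
        if not tags:
            continue
        counts["ghost"] += 1                       # any tag implies dormant or unrotated
        counts["ghost_admin"] += "ghost-admin" in tags
        counts["inactive_excessive"] += "inactive-excessive" in tags
        counts["flagged_" + cred.kind.replace("-", "_")] += 1
    return counts


# Constructed sample inventory (not real telemetry); evaluated at a fixed date.
UTC = timezone.utc
NOW = datetime(2025, 10, 31, tzinfo=UTC)
INVENTORY = [
    Credential("ci-deploy-role", "non-human", datetime(2024, 1, 15, tzinfo=UTC),
               datetime(2025, 10, 30, tzinfo=UTC), admin=True, excessive_perms=True),
    Credential("old-backup-key", "non-human", datetime(2023, 5, 1, tzinfo=UTC),
               datetime(2025, 3, 1, tzinfo=UTC), admin=False, excessive_perms=True),
    Credential("jsmith", "human", datetime(2025, 9, 15, tzinfo=UTC),
               datetime(2025, 10, 29, tzinfo=UTC), admin=False, excessive_perms=False),
    Credential("analytics-agent", "non-human", datetime(2025, 8, 1, tzinfo=UTC),
               None, admin=True, excessive_perms=False),
    Credential("svc-reporting", "non-human", datetime(2025, 10, 1, tzinfo=UTC),
               datetime(2025, 10, 28, tzinfo=UTC), admin=False, excessive_perms=True),
]

if __name__ == "__main__":
    for cred in INVENTORY:
        print(f"{cred.principal:16} {classify(cred, NOW)}")
    print(summarize(INVENTORY, NOW))
```

Note that an actively used admin key still counts as a ghost if it has never been rotated: age, not only inactivity, is what makes a long‑lived static secret a liability, which is why the report pairs least privilege with eliminating static secrets altogether.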

“AI systems embedded in infrastructure pose a critical risk that CISOs and defenders must address. Lack of visibility and governance means teams are at the mercy of new exposures, including over‑privileged identities in the cloud,” said Liat Hayun, Senior Vice President of Product Management & Research at Tenable. “By focusing on the unified exposure path, organizations can stop managing ‘security debt’ and start managing actual business risk.”
The report emphasizes the need for identity‑centric security, least‑privilege enforcement for AI systems, elimination of static secrets, and unified visibility across cloud infrastructure and third‑party software supply chains.
The findings are based on anonymized telemetry from global public cloud and enterprise environments collected between April and October 2025, with AI‑specific analysis extending through December 2025.
