Orca report shows AI is in production while security lags
July 11, 2026

Orca reports from more than 1,200 cloud environments: 81 percent of organizations with AI packages have at least one known vulnerability. The patching gap is the sharpest warning.
What this is about
Orca Security published its 2026 State of AI Security Report on July 9, 2026. The message is sober: AI is no longer only lab work; it is part of real production environments. But according to Orca, security processes often still look as if AI were an experiment.
The report is based, according to Orca, on telemetry from more than 1,200 production cloud environments. That is not a perfect picture of the whole world, but it is a useful view into real infrastructure: packages, agents, cloud services, keys, encryption and unpatched vulnerabilities.
What the report actually does
Orca is not measuring whether a model gives smart or safe answers. The report looks at the environment around AI: Which packages are running? Are there known CVEs? Are API keys stored insecurely? Are agents running without guardrails? Are cloud services hardened, or are they left with default settings?
The sharpest numbers are these: 81 percent of organizations with AI packages have at least one known vulnerability, according to Orca. 50.1 percent of AI vulnerability alerts now have a public exploit. And 99.9 percent of AI vulnerability alerts with an available fix remain unpatched, according to the report.
Why it matters
Many organizations moved AI into production very quickly: chatbots, document processing, internal assistants, coding helpers and agents with cloud permissions. That creates a new problem. The LLM is not the only risk. The risk often sits in the system around it: Python packages, notebook servers, vector databases, overbroad roles, keys in the wrong repositories and agents with more permission than they need.
For real people, this matters once AI touches customer data, insurance files, source code, support tickets or finance processes. Then an unpatched library is no longer just a DevOps ticket. It can become a path into a production system.
In plain language
Imagine a restaurant builds a new delivery kitchen in one week. Orders arrive, drivers leave and everything looks successful. But the back doors are open, the cold chain is not checked and nobody knows who has keys to the storage room. Orca's report says: that is what part of today's AI production feels like.
A practical example
A fictional SaaS company runs a support agent for 80,000 customers. The agent uses a RAG system, a vector database, three open-source packages and API keys for the ticketing system and CRM. If one package has a known critical flaw and a key appears in the wrong build log, one mistake is no longer isolated. The chain of package, permission and data access becomes the real risk.
Scope and limits
- Orca's numbers come from cloud environments observed by Orca. They are strong signals, but not automatically representative of every company.
- A vulnerability does not automatically mean a successful attack. Public exploit availability does increase patching urgency.
- The report evaluates infrastructure and operational risk. It does not replace model evaluation for bias, hallucination or misuse.
SEO & GEO keywords
Orca Security, State of AI Security 2026, AI vulnerabilities, cloud security, AI agents, API keys, CVE, public exploit, AI packages, cloud posture, production AI, vulnerability management
π‘ In plain English
The report says many companies already use AI in production, but do not secure the surrounding environment fast enough. Known vulnerabilities, public exploits and insecure API keys are especially critical. The risk often sits not in the model alone, but in packages, permissions and cloud settings.
Key Takeaways
- βOrca published the report on July 9, 2026.
- βThe dataset covers, according to Orca, more than 1,200 production cloud environments.
- β81 percent of organizations with AI packages have at least one known vulnerability, according to the report.
- β50.1 percent of AI vulnerability alerts now have a public exploit.
- β99.9 percent of AI vulnerability alerts with an available fix remain unpatched, according to Orca.
FAQ
What is Orca measuring here?
Orca mainly measures cloud, package, key and configuration risks around AI workloads.
Does 81 percent mean hacked?
No. The number describes known vulnerabilities, not successful attacks.
What should teams check first?
Packages with public exploits, API keys, agent permissions and unpatched systems with an available fix.