\n<\/p>\n
Google on Tuesday revealed that its large language model (LLM)-assisted vulnerability discovery framework discovered a security flaw in the SQLite open-source database engine before it could have been exploited in the wild.<\/p>\n
The vulnerability, tracked as **CVE-2025-6965** (CVSS score: 7.2), is a memory corruption flaw affecting all versions prior to 3.50.2. It was discovered by Big Sleep, an artificial intelligence (AI) agent that was launched by Google last year as part of a collaboration between DeepMind and Google Project Zero.<\/p>\n
“An attacker who can inject arbitrary SQL statements into an application might be able to cause an integer overflow resulting in read off the end of an array,” SQLite project maintainers said in an advisory.<\/p>\n
<\/p>\n
The tech giant described CVE-2025-6965 as a critical security issue that was “known only to threat actors and was at risk of being exploited.” Google did not reveal who the threat actors were.<\/p>\n
“Through the combination of threat intelligence and Big Sleep, Google was able to actually predict that a vulnerability was imminently going to be used and we were able to cut it off beforehand,” Kent Walker, President of Global Affairs at Google and Alphabet, said.<\/p>\n
“We believe this is the first time an AI agent has been used to directly foil efforts to exploit a vulnerability in the wild.”<\/p>\n
In October 2024, Big Sleep was behind the discovery of another flaw in SQLite, a stack buffer underflow vulnerability that could have been exploited to result in a crash or arbitrary code execution.<\/p>\n
Coinciding with the development, Google has also published a white paper to build secure AI agents such that they have well-defined human controllers, their capabilities are carefully limited to avoid potential rogue actions and sensitive data disclosure, and their actions are observable and transparent.<\/p>\n
“Traditional systems security approaches (such as restrictions on agent actions implemented through classical software) lack the contextual awareness needed for versatile agents and can overly restrict utility,” Google’s Santiago (Sal) D\u00edaz, Christoph Kern, and Kara Olive said.<\/p>\n
“Conversely, purely reasoning-based security (relying solely on the AI model’s judgment) is insufficient because current LLMs remain susceptible to manipulations like prompt injection and cannot yet offer sufficiently robust guarantees.”<\/p>\n
To mitigate the key risks associated with agent security, the company said it has adopted a hybrid defense-in-depth approach that combines the strengths of both traditional, deterministic controls and dynamic, reasoning-based defenses.<\/p>\n
<\/p>\n
The idea is to create robust boundaries around the agent’s operational environment so that the risk of harmful outcomes is significantly mitigated, specifically malicious actions carried out as a result of prompt injection.<\/p>\n
“This defense-in-depth approach relies on enforced boundaries around the AI agent’s operational environment to prevent potential worst-case scenarios, acting as guardrails even if the agent’s internal reasoning process becomes compromised or misaligned by sophisticated attacks or unexpected inputs,” Google said.<\/p>\n
“This multi-layered approach recognizes that neither purely rule-based systems nor purely AI-based judgment are sufficient on their own.”<\/p>\n
Found this article interesting? Follow us on Twitter _\uf099_ and LinkedIn to read more exclusive content we post.\n<\/div>\n
View Advisory Details<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"Security Update News Update Information Title Google AI “Big Sleep” Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act Update ID THN:AB51D47E5FA97DD302EC9CD87F3073A1 Type thn Published…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,39,12,15,13,7,11,43,5],"class_list":["post-8225","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-cvss-72","tag-exploit","tag-high","tag-news","tag-security","tag-tapic","tag-thn","tag-vulnerability"],"yoast_head":"\n
Google AI "Big Sleep" Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=8225\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Google AI "Big Sleep" Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act - zero redgem\" \/>\n<meta property=\"og:description\" content=\"Security Update News Update Information Title Google AI “Big Sleep” Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act Update ID THN:AB51D47E5FA97DD302EC9CD87F3073A1 Type thn Published...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=8225\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-07-16T04:37:13+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=8225#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=8225\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"Google AI “Big Sleep” Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act\",\"datePublished\":\"2025-07-16T04:37:13+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=8225\"},\"wordCount\":617,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-7.2\",\"exploit\",\"HIGH\",\"news\",\"Security\",\"tapic\",\"thn\",\"Vulnerability\"],\"articleSection\":[\"category_news\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=8225#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=8225\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=8225\",\"name\":\"Google AI \\\"Big Sleep\\\" Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-07-16T04:37:13+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=8225#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=8225\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=8225#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Google AI “Big Sleep” Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Google AI \"Big Sleep\" Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=8225","og_locale":"en_US","og_type":"article","og_title":"Google AI \"Big Sleep\" Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act - zero redgem","og_description":"Security Update News Update Information Title Google AI “Big Sleep” Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act Update ID THN:AB51D47E5FA97DD302EC9CD87F3073A1 Type thn Published...","og_url":"https:\/\/zero.redgem.net\/?p=8225","og_site_name":"zero redgem","article_published_time":"2025-07-16T04:37:13+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=8225#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=8225"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"Google AI “Big Sleep” Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act","datePublished":"2025-07-16T04:37:13+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=8225"},"wordCount":617,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-7.2","exploit","HIGH","news","Security","tapic","thn","Vulnerability"],"articleSection":["category_news"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=8225#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=8225","url":"https:\/\/zero.redgem.net\/?p=8225","name":"Google AI \"Big Sleep\" Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-07-16T04:37:13+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=8225#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=8225"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=8225#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"Google AI “Big Sleep” Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/8225","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=8225"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/8225\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=8225"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=8225"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=8225"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}