Software security flaws are proliferating at a faster rate than the development of new coding structures
Software Security Vulnerabilities on the Rise: A New Study Reveals Exponential Growth
In a groundbreaking study, Joline Wochnik and her colleagues from the Cyber Agency in Halle have revealed that software security vulnerabilities are growing exponentially, while the size of the code itself is increasing only linearly. This research, presented at the 2024 World Congress in Computer Science, Computer Engineering, & Applied Computing (CSCE'24) in Las Vegas, highlights a critical gap in software development and cybersecurity practices.
Wochnik, a master's student in data science, co-authored a research paper based on her bachelor’s thesis. The study indicates that the increasing complexity of software does not translate to improved security, suggesting that vulnerabilities are becoming more frequent disproportionately to how much the software grows.
The findings of this study have significant international recognition, reflecting the urgent challenges in software security that need better understanding and emerging solutions. Wochnik's research suggests that understanding the influencing factors of security vulnerabilities can help improve digital security for all.
The new study by Wochnik and her team provides a first foundation for systematically recording the increase in security vulnerabilities in codes. The research paper was co-authored by Olivia Gräupner, Cyber Agency research director Christian Hummert, and Michael Spranger of Mittweida University.
Other factors such as changes in the quality of the software or an increase in the worldwide search for security vulnerabilities may be contributing to the increase. The research creates a basis for further research and better strategies, according to Wochnik.
The Cyber Agency in Halle has warned about an increasing number of security vulnerabilities in software, and an interview with Joline Wochnik from the Cyber Agency Halle is available online. In the interview, published on the website CURRENT on July 21, 2025, Wochnik emphasizes the importance of raising awareness about software security vulnerabilities and their dynamics.
The rapid increase in vulnerabilities cannot be explained by the increase in code size alone. For instance, a security vulnerability in Microsoft's file management software SharePoint is currently enabling hacker attacks on sensitive data.
Christoph Igel, who has been heading the Cyber Agency of the federal government since the summer, aims to drive cybersecurity research. Christopher Kunz from the computer magazine c't has estimated who is affected by this vulnerability.
The research paper and an audio download of the research presentation are available on the website. Wochnik's work lays a foundation for further study into the causes behind this trend and how future software can be better designed to mitigate these vulnerabilities. It is essential for software developers, cybersecurity professionals, and users alike to understand this trend and take steps to improve software security.
The rapid increase in software security vulnerabilities, as revealed by Joline Wochnik's study, is not solely attributed to the growth in code size. Moreover, this trend underscores the need for better understanding and improved strategies in cybersecurity, especially in relation to technology.
Wochnik's research paper highlights the importance of understanding the influencing factors of security vulnerabilities and suggests that this understanding can aid in improving digital security for all.
