Security and Quality in LLM-Generated Code: A Multi-Language, Multi-Model Analysis

Researchers tested code generated by five different LLM (large language model, AI systems that write text) families across four programming languages and found significant security weaknesses, especially in C and C++ where memory safety issues (bugs that let attackers access or corrupt memory) and hard-coded secrets (passwords or keys written directly in code) were common. The study revealed that LLMs often fail to use modern security features available in newer versions of programming tools and tend to rely on outdated, less secure methods. The researchers conclude that LLMs need to be improved to generate code that follows current security best practices.