
CodeMender

Google's AI-driven automated patching framework, defensive counterpart to Big Sleep.

Last refreshed: 20 May 2026 · Appears in 1 active topic

Key Question

CodeMender auto-patches code Google's AI finds broken; can that speed match the 36-hour exploit window?

Common Questions
What is Google CodeMender and how does it generate patches?
CodeMender is Google's AI-driven automated patching framework. It uses LLM reasoning to understand a discovered vulnerability, generate a candidate code fix, and validate it against tests before proposing it for review. It is the remediation companion to Big Sleep. Source: Google Threat Intelligence Group
Is Google CodeMender available to organisations outside Google?
As of May 2026, CodeMender has not been confirmed as available outside Google. GTIG's 11 May report describes it auto-patching Google's own critical code paths; external applicability is unconfirmed. Source: Google Threat Intelligence Group
How do Big Sleep and CodeMender work together?
Big Sleep autonomously identifies unknown vulnerabilities by reasoning about code semantics. CodeMender takes those findings and generates candidate patches automatically, compressing the window from discovery to deployable fix without requiring a manual developer cycle for each vulnerability. Source: Google Threat Intelligence Group
Why does the time between finding a bug and patching it matter so much in 2026?
LiteLLM CVE-2026-42208 was exploited within 36 hours of being added to CISA's KEV catalogue. Exchange CVE-2026-42897 has no patch despite active exploitation. Attackers are operating on a shorter window than defender patch cycles. CodeMender's aim is to automate patch generation to close that gap. Source: CISA KEV / GTIG

Background

CodeMender is Google's automated patching framework, designed to generate and apply code fixes for vulnerabilities identified by AI-driven discovery tools including Big Sleep. In May 2026, GTIG's 11 May report confirmed CodeMender is auto-patching critical code paths, placing it in operational context alongside Big Sleep as the second half of a two-stage defensive pipeline: Big Sleep finds the flaw, CodeMender closes it. The report explicitly framed both tools as Google's defensive countermove against an AI-offence threshold the same document defined through named criminal and state-actor incidents.

CodeMender uses large language model reasoning to understand the semantics of a discovered vulnerability, generate a candidate patch that corrects the flaw without breaking the surrounding code, and validate the patch against a test suite before it is proposed for human review. The goal is to compress the time between vulnerability discovery and a deployable fix, targeting the exploitation window that has proven the critical factor in 2026: LiteLLM CVE-2026-42208 was exploited within 36 hours of KEV addition, while Exchange zero-days sit unpatched for weeks. Closing that window programmatically rather than through manual developer cycles is the operational premise.

CodeMender remains a Google-internal tool as of May 2026, applied to code paths within Google's own products and research targets. Its external applicability — whether patches it generates could be submitted to third-party open-source projects or used by other organisations' security teams — has not been publicly confirmed. As the GTIG 11 May report establishes AI as the offensive toolkit of record for both criminal and state actors, the pressure to operationalise defensive AI tools like CodeMender at ecosystem scale rather than within a single vendor grows proportionally.
