HackerOne Launches h1 Validation as AI Drives a Surge in Vulnerability Discovery

HackerOne has launched h1 Validation, a new offering built for a growing problem in security operations. AI is helping teams uncover vulnerabilities faster than most organizations are able to validate and fix them. HackerOne is tying the launch to a widening gap between discovery and remediation, as advanced models increase both the volume and complexity of findings, and attackers move faster to take advantage of exposed weaknesses.

The company’s platform data shows how fast things are shifting. Vulnerability submissions rose 76% year over year and reached a record high in March 2026. About one in four of those findings turned out to be exploitable, so the rise in volume is also producing more real issues for security teams to handle. HackerOne also said critical and high-severity vulnerabilities made up 32% of submissions, up from a historical range of 26% to 28%. At the same time, remediation improved by only 19% year over year. That leaves organizations with a larger backlog and less time to resolve issues before attackers strike.

That’s the gap h1 Validation is meant to close. HackerOne says the offering is designed to validate exploitability at scale, prioritize findings tied to real risk, and give security and engineering teams clearer guidance on remediation. The pitch is straightforward. Enterprises don’t need more alerts or more scanning alone. They need a better way to tell which vulnerabilities matter most, especially as attack paths grow more complex and the window to exploitation gets smaller.

The broader point is hard to miss. Vulnerability management is turning into a continuous triage and validation challenge, not a discovery challenge alone. As AI drives up both the number of findings and the speed of attacker activity, the pressure shifts to proving exploitability and cutting time to fix. HackerOne is positioning h1 Validation in the middle of that problem, where the value comes less from finding one more issue and more from helping enterprises work through a growing queue of risk with greater speed and focus.