al-ice.ai

EU CRA — Vulnerability Reporting Obligations for AI Vendors Begin September 2026

Security by al-ice.ai Editorial

AI relevance: The EU Cyber Resilience Act's manufacturer vulnerability reporting obligations (Article 14) apply from September 11, 2026 — covering AI/LLM vendors, model providers, and companies shipping AI-enabled products to the European market.

What happened

A discussion thread on the oss-sec mailing list titled "Coordinated Disclosure in the LLM Age" has clarified key compliance timelines for the EU Cyber Resilience Act (CRA):

  • September 11, 2026 — Manufacturer vulnerability reporting obligations under Article 14 take effect. All manufacturers of products with digital elements (including AI/ML systems shipped as software) must report security vulnerabilities they discover or are notified of to EU authorities.
  • December 2027 — Full CRA regulation applies. Open-source projects classified as "stewards" become responsible for reporting all security-related fixes to the EU, not just manufacturers.
  • Greg KH's assessment: The September 2026 manufacturer reporting will be a "slow trickle" initially, with the EU planning for gradual compliance. The real volume of reports arrives in December 2027 when steward obligations kick in.
  • Willy Tarreau's position: Increasingly removing security-relevant details from commit messages to avoid premature disclosure, though this conflicts with downstream integrators' need for visibility.
  • The thread's broader concern: AI/LLM systems complicate coordinated disclosure because vulnerabilities span model behavior, serving infrastructure, tool integrations, and agent frameworks — no single traditional CVE captures the full attack surface.

Why it matters

AI companies operating in Europe — including model providers like Mistral AI, OpenAI (which has EU operations), Anthropic, and any organization deploying AI agents with digital components — will need to establish formal vulnerability reporting processes by September. This intersects directly with the ongoing Mini Shai-Hulud supply chain crisis, where vulnerabilities in open-source dependencies propagate to dozens of AI companies simultaneously. The CRA's reporting timeline creates a compliance layer on top of traditional disclosure practices that the security community is still debating how to handle.

What to do

  • AI/ML vendors shipping to EU markets should audit their vulnerability disclosure processes against CRA Article 14 requirements before September 2026.
  • Open-source AI projects should determine whether they fall under the "steward" category and prepare for December 2027 reporting obligations.
  • Security teams should begin tracking the EU's vulnerability reporting feed once active, as it may reveal AI-related vulnerabilities before they appear in traditional CVE databases.
  • Consider how coordinated disclosure works for AI-specific vulnerabilities — prompt injection chains, agent tooling abuse, and model poisoning don't fit neatly into existing CVE frameworks.