# Getting LLMs Drunk to Find Remote Linux Kernel OOB Writes (and More)

> Source: <https://heyitsas.im/posts/drinking-llms/>
> Published: 2026-04-29 00:00:00+00:00

*TLDR: the grossly overengineered, self-orchestrating team of vulnerability-hunting agents detailed below has discovered 20+ CVEs over the past few months, including CVE-2026-31432 and CVE-2026-31433: two remote, unauthenticated OOB writes in the Linux kernel’s *

“LLMing” vulnerability research has been on my “Do Something About This” list since DARPA’s [AIxCC](https://www.darpa.mil/research/programs/ai-cyber) and XBOW’s [initial results](https://xbow.com/blog/xbow-scoold-vuln). But back in 2023-24, models required a lot of harnessing to get anything useful, tool use was rudimentary, and the idea of squeezing as much code as I could into a model’s context – then triaging away the false positives – filled me with dread.