Vega Review: The AI Agent Behind 3 Chrome CVEs (2026)

Vega by Nebula Security found 730+ bugs including 3 Chrome V8 CVEs in 2026. See pricing, autonomy level, GitHub App, CLI, and MCP integration details.

Vega autonomously hunts, root-causes, and patches security vulnerabilities in C/C++ systems code like Chrome V8 and the Linux kernel. It has 730+ documented bugs and 3 named 2026 CVEs to its credit. Semi-autonomous with human review, it is usage-priced with no free tier, and integrates via GitHub App, CLI, or MCP.

Vega is an AI security agent from Nebula Security, a 2022-founded, Y Combinator backed research lab. It has found 730+ real vulnerabilities, including three named Chrome V8 CVEs in 2026 and a Linux kernel bug that won a $10,500 bounty. It ships as a GitHub App, CLI, and MCP server for Claude Code and Cursor, priced by usage with no published flat rate.

Maker: Nebula Security · Autonomy: semi-autonomous · Maturity: GA

Underlying models: Custom (proprietary)

About Vega

Vega is the flagship AI agent built by Nebula Security, a San Francisco-based, Y Combinator-backed security research lab founded in 2022. Unlike a general-purpose chatbot bolted onto static analysis tools, Vega bakes security domain knowledge directly into its agentic workflow: it reads source code, forms hypotheses about exploitable flaws, writes and runs proof-of-concept exploits, and validates its own findings before a human ever sees them. Nebula's public research catalog lists more than 730 documented bugs discovered this way, including three high-profile Chrome V8 vulnerabilities (among them CVE-2026-6307 and CVE-2026-5865) that reached full sandbox escape and remote code execution on their own, with no human-written exploit chain required, plus a Linux kernel netfilter bug (CVE-2026-23274) that won a $10,500 kernelCTF bounty.

What makes Vega an agent rather than a scanner is that it chains multi-step reasoning end to end: recon over a codebase, root cause analysis, patch generation, and proof-of-concept validation, all before opening a pull request. It ships in three access modes: a GitHub App that reviews pull requests automatically, a CLI for local or CI/CD scanning, and an MCP server that plugs Vega directly into Claude Code, Cursor, and other agentic coding environments. Nebula claims Vega outperforms equivalent general-purpose GPT- and Claude-based security setups on Chromium and Linux kernel codebases specifically because of this narrow, domain-tuned agentic loop.

Vega is built for security teams and engineering orgs that ship large, security-critical C/C++ and systems codebases (browser engines, kernels, low-level infrastructure) and want continuous automated vulnerability hunting instead of periodic manual audits. It is not a general chatbot assistant and is not aimed at casual developers; it is aimed at teams that already run bug bounty programs or internal security research and want an AI agent doing the first pass of exploit discovery.

Commercially, Vega is sold in two tiers: a self-serve 'Vega Scan' priced by repository size and complexity that runs fully automated hunting, root cause analysis, and patch generation, and a 'Premium Audit' custom-quote tier that pairs a senior Nebula security engineer with Vega's AI analysis for architecture review, threat modeling, and on-premise audits. Nebula follows a standard 90+30 day responsible disclosure policy on everything Vega finds, and its research blog has published a new named CVE writeup roughly every 4-6 weeks through 2026, most recently the Longinus V8 sandbox escape on June 29, 2026.

Pricing

Vega Scan is pay-by-usage, priced by repository size and complexity, with self-serve sign-up; it includes automated vulnerability hunting, root cause analysis, patch generation, and PR review. Premium Audit is a custom quote per engagement pairing a senior Nebula security engineer with Vega for architecture review, threat modeling, and on-premise audits. There is no published flat price or free tier.

Frequently Asked Questions

What is Vega and what does it do?

Vega is an AI security agent built by Nebula Security, a San Francisco-based, Y Combinator-backed research lab founded in 2022. It autonomously reads source code, forms hypotheses about exploitable flaws, writes proof-of-concept exploits, and validates its own findings. Nebula's public research catalog documents more than 730 bugs Vega has helped discover. Its highest-profile finds include three named 2026 CVEs in Chrome's V8 engine and the Linux kernel. Vega is offered commercially through a GitHub App, a CLI, and an MCP server rather than as a consumer chatbot. It targets security teams working on large, security-critical systems codebases rather than general application developers.

How much does Vega cost?

Vega has two commercial tiers and no published flat price. Vega Scan is pay-by-usage, metered by repository size and complexity, and is self-serve: sign up and it runs fully automated vulnerability hunting, root cause analysis, patch generation, and pull request review. Premium Audit is a custom-quote engagement that pairs a senior Nebula security engineer with Vega's AI analysis for architecture review, threat modeling, and on-premise audits, and it includes a complimentary full Vega Scan. There is no advertised free tier; prospective customers are directed to a consultation to scope pricing. This makes Vega harder to budget for than a flat-rate SaaS tool, especially for smaller teams.

Is Vega fully autonomous?

Vega is semi-autonomous rather than fully autonomous. It independently chains recon, exploit hypothesis generation, proof-of-concept validation, and patch drafting without a human writing the exploit itself, which is what let it achieve a full V8 sandbox escape to remote code execution on CVE-2026-6307 on its own. However, Nebula still applies human review and its standard 90-day vendor notification plus 30-day public disclosure policy before any finding goes public, so a human checkpoint remains in the loop before disclosure. This is more autonomous than a typical code-review assistant but stops short of unsupervised, always-public autonomous operation.

What AI model powers Vega?

Nebula Security has not disclosed the specific underlying LLM or model architecture behind Vega; it describes the system as proprietary tooling that bakes security domain knowledge directly into an agentic workflow rather than relying on a general-purpose frontier model with bolted-on static analysis. Nebula claims this narrower, domain-tuned approach outperforms equivalent setups built on general-purpose GPT and Claude models specifically on Chromium and Linux kernel codebases. Because the model details are undisclosed, buyers cannot independently verify these benchmark claims, and users cannot select or swap the underlying model themselves.

What are the best alternatives to Vega?

XBOW is a strong alternative if you need broad, black-box web application penetration testing rather than deep C/C++ systems research; it reached the number 1 spot on HackerOne's leaderboard in 2025 with over 1,060 submitted vulnerabilities. RunSybil, which raised $40M, uses a multi-agent orchestrator called Sybil to run full black-box pentests across recon, exploit simulation, and vulnerability chaining with no human intervention, and is a better fit for teams wanting an all-in-one autonomous pentest platform. Vega remains the narrower, more specialized choice for teams specifically targeting browser engines, kernels, or other low-level systems code.

Who is Vega best for?

Vega is best for security engineering teams shipping large C/C++ systems codebases, such as browser engines, kernels, or other low-level infrastructure, who want continuous automated vulnerability hunting layered on top of existing bug bounty or internal research programs. It is also a good fit for AppSec teams already using Claude Code or Cursor, since the MCP integration puts vulnerability scanning inside the same agentic coding loop as development. It is not built for casual developers or teams whose stack is mostly typical web application code, where Vega's demonstrated track record is thinner.

How does Vega compare on benchmarks?

Nebula has not published standard agent benchmarks like SWE-bench, WebArena, or GAIA for Vega, since it is a specialized security research agent rather than a general coding or browsing agent. Instead, Nebula points to its public research catalog as the benchmark: 730+ documented bugs found and reported, including three named Chrome V8 CVEs in 2026 (among them CVE-2026-6307 and CVE-2026-5865) and a Linux kernel netfilter bug (CVE-2026-23274) that earned a $10,500 kernelCTF bounty. On CVE-2026-6307 specifically, Nebula reports Vega achieved a 100 percent success rate gaining arbitrary memory read/write without any spraying trick. This real-world CVE count is the most concrete evidence available, since no third-party benchmark has evaluated Vega directly.

How do you get started with Vega?

To start with Vega Scan, sign up on nebusec.ai, connect the target repository, and Vega begins fully automated vulnerability hunting, root cause analysis, and patch generation, with pricing metered by repository size once scoped. Teams wanting deeper coverage can install the Vega GitHub App so pull requests get automatic security review, or add the CLI to a CI/CD pipeline for local and build-time scanning. Teams already working inside Claude Code or Cursor can instead connect Vega's MCP server so scanning runs inside the same agentic coding session. For the Premium Audit tier, the first step is a consultation where Nebula scopes the engagement before quoting a custom price.
