What it is
V12 is Zellic’s agentic security platform. Zellic introduced V12 in September 2025 as an autonomous auditor combining AI, LLMs, and traditional static analysis. The current V12 homepage describes the product as agentic security that finds, rates, and reports vulnerabilities.
The initial public positioning focused on Solidity and Web3 audits, but the Fragnesia record shows V12 appearing in a Linux kernel vulnerability-discovery story.
What is verified
The current Bugflation ledger counts one V12 entry: Fragnesia, CVE-2026-46300. V12’s public proof-of-concept and write-up say the exploit was discovered with V12 by William Bowling and the V12 team.
Independent corroboration comes from Linux and distribution-side records:
Ubuntu tracks the CVE as a high-priority local privilege escalation, Debian’s
tracker links the V12 PoC and the upstream patch, AlmaLinux released patched
kernels, and the netdev patch from William Bowling identifies the skbuff
shared-fragment marker root cause.
Why it matters
V12 adds another system to the public AI-assisted vulnerability-discovery record, and the target is not a toy project. A Linux kernel local-root finding in the Dirty Pipe / CopyFail / Dirty Frag page-cache family is exactly the kind of high-impact issue that changes patching pressure for distributors and operators.
The evidence index is below the strongest direct-upstream credits because the AI-attribution detail comes from V12’s own write-up rather than the kernel patch itself. It is still strong enough for the ledger because the same primary research artifact provides both the PoC and the AI-assisted discovery claim, while distro and kernel sources corroborate the accepted vulnerability.