Anthropic's Mythos AI Finds 10,000 High-Severity Flaws in Critical Software
Anthropic's Claude Mythos Preview has discovered more than 10,000 high- or critical‑severity vulnerabilities across systemically important software in its first month — but the real bottleneck is now human capacity to triage and patch the flood of findings.
10,000 Bugs in One Month
Anthropic's Claude Mythos Preview has uncovered more than 10,000 high- or critical‑severity software vulnerabilities in its first month of operation under Project Glasswing, a collaborative effort launched in April to secure the world's most critical code before increasingly capable AI can be weaponized against it.
The findings, drawn from roughly 50 partner organizations and the scanning of over 1,000 open‑source projects, represent one of the first large‑scale demonstrations of what a frontier AI model can achieve when pointed at widely used code. The model flagged 23,019 potential vulnerabilities across those open‑source projects alone — 6,202 of them estimated as high or critical severity.
"Progress on software security used to be limited by how quickly we could find new vulnerabilities. Now it's limited by how quickly we can verify, disclose, and patch the large numbers of vulnerabilities found by AI," Anthropic wrote in its update, as reported by CyberScoop.
The Numbers: 90% Accuracy at Scale
Of 1,752 high- or critical‑rated findings reviewed by six independent security research firms (or by Anthropic itself), over 90% were confirmed as valid true positives — and more than 62% were confirmed to be genuinely high or critical severity. That means Mythos Preview is on track to have surfaced nearly 3,900 confirmed high- or critical‑severity vulnerabilities in open‑source code alone.
Several partners reported bug‑finding rates that increased more than tenfold. Cloudflare identified 2,000 bugs across its critical‑path systems, including 400 rated high or critical, with a false‑positive rate the company said was better than human testers. Mozilla found and fixed 271 vulnerabilities in Firefox 150 while testing Mythos Preview — more than 10 times the number found in Firefox 148 using an earlier Anthropic model.
According to The Hacker News, Anthropic also revealed that Mythos Preview helped detect and prevent a fraudulent $1.5 million wire transfer at an unnamed partner bank after a threat actor compromised a customer's email account.
- 10,000+ high/critical flaws found: across partner organizations in one month, per Anthropic
- 90.6% true positive rate: on reviewed findings, confirmed by 6 independent security firms, per [1]
- 10x faster bug discovery: multiple partners reported bug‑finding rates increased by a factor of 10 or more
- 271 Firefox fixes: Mozilla fixed 10x more vulnerabilities than with previous Claude models, per [2]
The New Bottleneck: Human Triage
The hard part is no longer finding vulnerabilities — it's dealing with them. Anthropic's disclosure dashboard shows a steep drop‑off from detection to patching, reflecting the massive human effort required at each step. On average, a high- or critical‑severity bug found by Mythos Preview takes two weeks to patch.
Open‑source maintainers, already stretched thin, are feeling the strain. Several have asked Anthropic to slow down its disclosure rate because they need more time to design patches. The company has even begun disclosing some bugs without prior vetting at maintainers' request — 1,129 such cases so far, of which the model estimated 175 as high or critical.
"The bottleneck in fixing bugs like these is the human capacity to triage, report, and design and deploy patches for them," Anthropic wrote in its Glasswing update. "Finding them in the first place has become vastly more straightforward."
From Offense to Defense: Real‑World Impact
The UK's AI Security Institute reported that Mythos Preview is the first model to solve both of its cyber ranges — simulations of multistep cyberattacks — from end to end. Independent security platform XBOW called it a "significant step up over all existing models" on its web exploit benchmark, with precision the firm described as unmatched by any prior system.
The downstream effects are already visible in the patch ecosystem. Anthropic reported in its Glasswing update that Palo Alto Networks' latest release included over five times as many patches as usual. Microsoft has reported that its Patch Tuesday volumes will "continue trending larger for some time." Oracle is finding and fixing vulnerabilities multiple times faster than before.
One particularly notable find: Mythos Preview constructed an exploit for wolfSSL, an open‑source cryptography library used by billions of devices. The exploit would have allowed attackers to forge certificates and host convincing fake websites for banks or email providers. The vulnerability, assigned CVE‑2026‑5194, has since been patched.
Claude Security: The Public Beta
While Mythos Preview itself remains unreleased — Anthropic says no company has developed adequate safeguards to prevent serious misuse — the company has released Claude Security in public beta for enterprise customers. Using the publicly available Claude Opus 4.7 (not the full Mythos model), it has already been used to patch over 2,100 vulnerabilities in three weeks.
Anthropic has also opened a Cyber Verification Program for security professionals doing legitimate work, and is releasing the tools, skills, and scanning infrastructure that partners used with Mythos Preview to qualifying customers.
"There is an urgent need for as many organizations as possible to shore up their cyber defenses," the company wrote in its Glasswing update. "We hope that our generally available models, and the new tools, resources, and research we're providing to accompany them, will support those organizations to improve their cybersecurity posture."
What It Means for Builders
For developers and builders, Project Glasswing represents both an opportunity and a warning. The opportunity: AI‑driven vulnerability scanning means your dependencies — the open‑source libraries you didn't even know were vulnerable — are getting scrutinized at a scale and speed never possible before. Code that billions of devices rely on is being hardened faster than ever before.
The warning: as Anthropic itself notes, models with capabilities comparable to Mythos Preview will soon be developed by many AI companies. If one is released without the safeguards Anthropic is building, the cost of exploiting flawed software drops dramatically. The window between vulnerability discovery and patch deployment is where attackers operate — and AI is shrinking that window from both sides.
For builders today, the immediate takeaway is straightforward: keep your dependencies updated, take patch notifications seriously, and recognize that the security ecosystem is shifting from a world where finding bugs was the hard part to one where fixing them fast enough is the challenge.
Sources
- 1. CyberScoop (cyberscoop.com)
- 2. Mozilla (hacks.mozilla.org)
- 3. The Hacker News (thehackernews.com)