Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software

Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software

Briefly

"Anthropic disclosed that Project Glasswing has helped uncover more than 10,000 high- or critical-severity vulnerabilities across some of the most systemically important software across the world since the cybersecurity initiative went live last month. Project Glasswing is an effort led by the artificial intelligence (AI) company, as part of which a small set of about 50 partners have obtained access to Claude Mythos Preview, a frontier model with capabilities to find vulnerabilities in widely-used software."

"Of these vulnerabilities, 6,202 have been classified as high- or critical-severity flaws impacting more than 1,000 open-source projects. Subsequent analysis of these vulnerability candidates has identified that 1,726 are valid true positives. As many as 1,094 flaws are assessed to be either high- or critical-severity."

"One of the identified weaknesses is a critical flaw in WolfSSL ( CVE-2026-5194, CVSS score: 9.1) that could allow an attacker to forge certificates and masquerade as a legitimate service. In all, these efforts have led to 97 findings being patched upstream and 88 advisories being issued."

"“The relative ease of finding vulnerabilities compared with the difficulty of fixing them amounts to a major challenge for cybersecurity,” Anthropic acknowledged. “Confronting this challenge successfully will make our software far safer than before.”"