AI found 10,000 severe bugs; patching is now the bottleneck
Original: Project Glasswing: An initial update View original →
Software security is entering a phase where finding vulnerabilities may no longer be the slow part. In a May 22 update on Project Glasswing, Anthropic said Claude Mythos Preview and roughly 50 partners have identified more than 10,000 high- or critical-severity vulnerabilities in systemically important software.
The numbers make this more than another AI security demo. Anthropic said it has also used Mythos Preview over the last few months to scan more than 1,000 open-source projects. Across those projects, the model produced 23,019 candidate findings, including 6,202 that it estimated as high or critical severity.
The post gives a rare look at the triage funnel behind AI-assisted vulnerability discovery. Anthropic said 1,752 of the high- or critical-rated findings were assessed by one of six independent security research firms or, in a small number of cases, by Anthropic itself. Of those, 90.6%, or 1,587 findings, were valid true positives. Another 62.4%, or 1,094 findings, were confirmed as high or critical severity.
Those rates imply a large downstream workload. Anthropic says that even if Mythos Preview finds nothing else, the current post-triage rates put it on track to surface nearly 3,900 high- or critical-severity vulnerabilities in open-source code, before counting partner findings. That turns the security question from model capability into remediation capacity.
Anthropic is still following coordinated vulnerability disclosure norms: roughly 90 days after discovery, or about 45 days after a patch is available. That is why the company is withholding most technical details for now. The delay protects users, but it also highlights the new constraint: humans still have to reproduce issues, judge severity, notify maintainers, design fixes, and get patches deployed.
The company also said Mythos-class models are not being released broadly yet because safeguards are not strong enough to prevent misuse. Glasswing’s next phase will expand to additional critical partners, including U.S. and allied governments. The metric to watch is not just how many bugs AI can find, but how many confirmed findings become shipped fixes before attackers can exploit the same discovery curve.
Related Articles
Anthropic says Claude contains a J-space that resembles a global workspace for active, verbalizable thoughts. The lead tweet has more than 9.1 million views and points to audit use cases, including hidden goals in sabotage-trained models.
Anthropic published a March 6, 2026 case study showing how Claude Opus 4.6 authored a working test exploit for Firefox vulnerability CVE-2026-2796. The company presents the result as an early warning about advancing model cyber capabilities, not as proof of reliable real-world offensive automation.
Claude Corps is a $150m program placing 1,000 early-career fellows into at least 400 nonprofits for 12 months. The bet is that AI adoption needs paid capacity inside civic organizations, not only better models.