Project Glasswing Month One: Claude Mythos Finds 10,000+ Critical Vulnerabilities
TL;DR
Anthropic releases Project Glasswing month-one results: Claude Mythos Preview found 10,000+ high/critical vulnerabilities across 1,000 open-source projects, with a 90.6% validation rate. The new bottleneck is patching, not discovery.
One month. Ten thousand vulnerabilities.
Anthropic published the first-month results of Project Glasswing today, and the numbers are more striking than most observers expected. Claude Mythos Preview, working with roughly 50 partner organizations, swept through the world’s most critical open-source software and identified more than 10,000 high or critical-severity security flaws. In traditional security research terms, that volume is simply not achievable in this timeframe.
The Numbers Behind the Headline
The breakdown: Claude Mythos Preview scanned 1,000+ open-source projects and flagged 23,019 potential vulnerabilities. Of those, 6,202 were rated high or critical severity. Independent security firms reviewed 1,752 of those findings and confirmed 90.6% as genuine vulnerabilities, with 62.4% validated as high or critical.
A false-positive rate under 10% puts this close to what you’d expect from a skilled human penetration tester.
Two partner results stand out. Cloudflare identified 2,000 bugs across critical systems, 400 of which were high or critical severity. Mozilla found 271 vulnerabilities in Firefox 150, more than ten times what they found in Firefox 148 using the previous Claude Opus 4.6. That 10x multiplier matters: in security research, a model capability jump translates directly into an order-of-magnitude change in discovery volume.
The wolfSSL Flaw
Among all the findings, the wolfSSL vulnerability deserves attention. wolfSSL is an open-source cryptography library embedded in billions of devices, from embedded systems to enterprise application servers. Mythos Preview found a flaw that would allow an attacker to forge digital certificates and impersonate trusted websites. The vulnerability, now assigned CVE-2026-5194, has been patched.
One more concrete example: a financial institution using the project’s scanning capability blocked a fraudulent $1.5 million wire transfer in real time. That converts “AI security tool” from a technical abstraction into a measurable dollar figure.
The UK AI Security Institute assessed Mythos Preview as the first model capable of solving cyber ranges end-to-end. Academic benchmarks ExploitBench and ExploitGym put it at the top of the field as well.
The New Bottleneck Is Patching
Anthropic’s framing of this is worth quoting directly:
Progress on software security used to be limited by how quickly we could find new vulnerabilities. Now it’s limited by how quickly we can verify, disclose, and patch them.
Before AI-accelerated scanning, security researchers were the production constraint. Now the constraint has shifted to remediation. Of 530 reported high or critical bugs, only 75 have been patched and 65 have public advisories. Average patch time: two weeks.
Most open-source maintainers are volunteers. The pace at which they can process vulnerability reports is not remotely comparable to the rate at which Mythos Preview can generate them. If that gap keeps widening, the Glasswing findings list could itself become a security risk: bad actors who move faster than maintainers can exploit known-but-unpatched vulnerabilities.
$100M in Model Credits
Anthropic announced $100 million in Claude usage credits and $4 million in direct funding to expand access to Mythos Preview for defensive scanning across more organizations and open-source projects.
The reasoning is straightforward. Mythos Preview is Anthropic’s not-yet-released flagship model, and its security capabilities are now externally validated. Deploying it defensively is a race against the clock: get the most exploitable vulnerabilities patched before similar capabilities become available to attackers through open-source models or other commercial routes.
The window Glasswing is trying to protect is finite. Whether the patching infrastructure can absorb what the model is producing is the real question now.
If this was useful, subscribe to the newsletter for weekly AI PM insights and GenAI case studies.
Further reading:
Related Articles
Claude Mythos Autonomously Finds 27-Year-Old Bugs: Inside Anthropic's Project Glasswing
Anthropic's unreleased Claude Mythos Preview has autonomously discovered thousands of zero-day vulnerabilities across major OSes and browsers. 12 tech giants joined as defenders, but the model was accessed without authorization on day one.
Anthropic's Code with Claude 2026: Compute Breakthrough, Agent Revolution, and the Developer's New Era
In May 2026, Anthropic hosted Code with Claude 2026 across San Francisco, London, and Tokyo. The conference introduced no new foundation model, instead delivering a powerful combination of compute infrastructure, agent capabilities, developer tools, and cost optimization — signaling a decisive shift from benchmark competition toward real-world deployment.