# Anthropic's Glasswing Has Found Over 10,000 Critical Vulnerabilities. The Hard Part Is Fixing Them.

**Source:** https://glitchwire.com/news/anthropics-glasswing-has-found-over-10000-critical-vulnerabilities-the-hard-part/  
**Published:** 2026-05-22T20:07:23.527Z  
**Author:** Security Desk · Glitchwire  
**Categories:** Security, AI

## Summary

Project Glasswing has identified more than 10,000 high or critical-severity vulnerabilities in one month. The bugs were always there. The question now is whether defenders can patch them faster than attackers can exploit them.

## Article

Anthropic's [Project Glasswing](https://www.anthropic.com/research/glasswing-initial-update) has identified more than 10,000 high or critical-severity vulnerabilities in systemically important software during its first month of operation. That number, reported by the company on Friday, includes over 6,200 estimated high or critical-severity bugs found in more than 1,000 open-source projects alone. The initiative, powered by Anthropic's unreleased Claude Mythos Preview model, now faces a bottleneck that has nothing to do with AI capability: how fast humans can verify, disclose, and patch.

## Bugs That Outlived Their Creators

The vulnerabilities Mythos is surfacing are not new. They have been present in critical software for years, sometimes decades. The model uncovered a 27-year-old flaw in OpenBSD, an operating system built specifically around security and widely used to run firewalls. The bug allowed an attacker to remotely crash any machine simply by connecting to it.

In FFmpeg, the ubiquitous media library used by nearly every video application in existence, Mythos found a 16-year-old vulnerability. Anthropic says automated testing tools had exercised that line of code five million times without catching the problem. The [FFmpeg team has publicly thanked Anthropic](https://piunikaweb.com/2026/04/08/ffmpeg-thanks-claude-mythos-16-year-bug-fix/) for sending real, working patches.

A memory corruption vulnerability was also found in a production virtual machine monitor written in a memory-safe language. Even Rust code relies on unsafe blocks when interacting with hardware, so the language alone was not enough protection.

## Detection Outpaces Remediation

Of the 1,752 high or critical-rated vulnerabilities independently assessed by security research firms, 90.6% were confirmed valid. But verifying a bug is not the same as fixing it. Anthropic has disclosed 530 high or critical-severity bugs to maintainers. Of those, 75 have been patched and 65 have public advisories. On average, a high or critical-severity bug found by Mythos Preview takes two weeks to patch.

Cloudflare, one of the Glasswing partners, found 2,000 bugs across its critical-path systems, 400 of them rated high or critical. The company reported a tenfold increase in its bug-finding rate. Palo Alto Networks included over five times more patches than usual in its latest release.

Anthropic has also released Claude Security in public beta for Claude Enterprise customers. It helps teams scan their codebases and generate proposed fixes. In three weeks, Claude Opus 4.7 has been used to patch over 2,100 vulnerabilities within enterprise environments.

## Careful Deployment, Not Open Access

Mythos is not publicly available. Anthropic restricted access to a coalition of launch partners including AWS, Apple, Microsoft, Google, NVIDIA, and the Linux Foundation, along with over 40 additional organizations that build or maintain critical infrastructure. The company has committed up to $100 million in usage credits and $4 million in donations to open-source security organizations.

The rationale for restriction is straightforward: the same capabilities that make Mythos powerful for defense make it dangerous in adversarial hands. According to Anthropic's system card, the model achieved a 72.4% exploit success rate in Firefox's JavaScript engine, compared to 14.4% for Claude Opus 4.6. It can chain four independent bugs into a working exploit that escapes both browser and operating system sandboxes.

The vulnerabilities Glasswing is surfacing were always there. That is the uncomfortable truth. Decades of human review, aggressive fuzzing, and meticulous code audits missed flaws that an AI model found in weeks. The project does not invent risk. It reveals how much risk was already embedded in the systems we depend on.

Anthropic says its goal is to make Mythos-class models eventually available through general release, but only once far stronger safeguards are in place. For now, the initiative gives defenders a head start. Whether that window lasts depends on how quickly similar capabilities proliferate elsewhere, and how fast the infrastructure world can actually deploy fixes.

