Anthropic’s Claude Mythos Flags Over 10,000 Critical Software Flaws in 30 Days — But Fixing Them Is Another Problem

Anthropic’s AI Security Model Uncovers Tens of Thousands of Vulnerabilities, Exposing a New Bottleneck in Global Cybersecurity

Anthropic’s advanced AI cybersecurity model, Claude Mythos Preview, has identified more than 10,000 high- and critical-severity software vulnerabilities in a single month — a discovery rate that has overwhelmed the open-source community’s capacity to respond and forced a rethink of how the software industry manages security at scale.

What Is Project Glasswing?

Project Glasswing is a defensive initiative launched by Anthropic to secure critical global software infrastructure. It grants approximately 50 partner organisations exclusive early access to Claude Mythos Preview — a frontier model capable of autonomously identifying vulnerabilities in widely-used software before malicious actors can exploit them.

Anthropic published its first quantified results on 22 May, one month after the initiative launched with twelve named partners. The programme is anchored primarily in the United States and the United Kingdom, with participants including Cloudflare, Mozilla, the UK AI Security Institute, and security research firm XBOW.

The Numbers

Most participating organisations — which maintain software critical to internet and essential infrastructure — found hundreds of high-risk vulnerabilities within weeks. Several reported bug-finding rates increasing by more than a factor of 10.

The UK AI Security Institute confirmed Mythos Preview as the first model to solve both of its cyber range simulations — multistep cyberattack scenarios — end to end.

A Critical Flaw in Widely-Deployed Infrastructure

Among the most consequential discoveries was CVE-2026-5194, a critical vulnerability in the WolfSSL cryptographic library — a widely used embedded TLS library deployed across IoT devices, automotive systems, and industrial control environments. The flaw carried a CVSS score of 9.1 and could allow an attacker to forge certificates and impersonate legitimate services. It has since been patched.

Beyond Detection: Mythos Can Build Working Exploits

What distinguishes Mythos from earlier models is not merely its detection rate. The model can autonomously construct working exploits — not just flag vulnerabilities. Earlier top-tier Claude models succeeded only twice in developing complete attack methods after hundreds of attempts; Mythos succeeds far more frequently, and without requiring specialised security knowledge from the operator.

Anthropic noted that this offensive capability was not the result of explicit training. It emerged as a natural consequence of general improvements in coding ability, reasoning, and autonomous operation — a distinction that raises its own set of concerns about capability trajectories in frontier AI development.

The Bottleneck Has Shifted

The scale of discovery has created a problem the programme did not anticipate. As Anthropic acknowledged: “The relative ease of finding vulnerabilities compared with the difficulty of fixing them amounts to a major challenge for cybersecurity.”

Progress on software security used to be constrained by how quickly vulnerabilities could be found. It is now constrained by how quickly they can be verified, disclosed, and patched.

As of 22 May, Anthropic had disclosed 1,596 vulnerabilities across 281 open-source projects. Only 97 had been patched and 88 had received a CVE record or GitHub Security Advisory. The average fix is taking approximately two weeks. Some open-source maintainers, reportedly overwhelmed by the volume, have asked Anthropic to slow the pace of disclosures.

The industry is already responding to the acceleration. Oracle has shifted from quarterly to monthly patch releases. Microsoft has warned that the number of monthly patches it expects to release will “continue trending larger for some time.”

Access, Safeguards, and the Competitive Landscape

Anthropic has chosen not to release Mythos commercially, citing the risk that unrestricted access could threaten economies, public safety, and national security. The company describes frontier AI as having reached a point where models could surpass all but the most skilled humans at finding and exploiting software vulnerabilities.

Claude Mythos Preview sits above Anthropic’s existing model lineup — the lightweight Haiku, the mid-range Sonnet, and the high-performance Opus — representing a new class built around exceptional code reasoning and autonomous vulnerability discovery.

Anthropic has launched a Cyber Verification Program allowing vetted security professionals to use Claude without guardrails for legitimate purposes, including vulnerability research, penetration testing, and red teaming. It has also released Claude Security in public beta for Claude Enterprise customers.

OpenAI has introduced a parallel programme called Daybreak, providing similar access to its own model, GPT-5.5-Cyber — signalling that AI-assisted vulnerability discovery is fast becoming a competitive frontier among major AI developers.

Anthropic’s May 22 update signalled future intent while maintaining current restrictions: “In the near future, once we’ve developed the far stronger safeguards we need, we look forward to making Mythos-class models available through a general release.”