Anthropic Claude Opus 4.6 Finds High-Severity Firefox Vulnerabilities in Mozilla Engagement
Anthropic reported that Claude Opus 4.6 identified 22 security vulnerabilities in Mozilla Firefox during a two-week collaboration with Mozilla, with 14 categorized as high severity. The work began in Firefox’s JavaScript engine and expanded across the broader codebase, demonstrating that an AI model can rapidly surface memory-safety and other complex issues in a mature, heavily scrutinized open-source project; one example cited was a use-after-free class bug discovered early in the effort. Mozilla validated the findings and shipped fixes, with most issues addressed in Firefox 148 (and some remediations deferred to a subsequent release, per reporting).
Separate reporting discussed market and product implications of Anthropic’s Claude Code Security feature—an AI-assisted code-scanning capability that suggests patches and is positioned as an alternative to traditional rules-based static analysis—along with investor reactions affecting major security vendors. While related to AI-driven secure development, that coverage does not describe the Firefox vulnerability-discovery engagement itself and is better treated as adjacent industry context rather than part of the same specific event.
Timeline
Apr 23, 2026
Mozilla releases Firefox 150 with 271 AI-assisted security fixes
Mozilla shipped Firefox 150 fixing 271 security vulnerabilities, with just over 40 serious or critical issues receiving CVE identifiers. Mozilla said Anthropic AI models, including a preliminary Claude Mythos Preview, helped identify the flaws, and specifically attributed CVE-2026-6746, CVE-2026-6757, and CVE-2026-6758 to Claude.
Mar 24, 2026
cURL ends security report bounty over low-quality AI submissions
cURL creator Daniel Stenberg said AI-generated vulnerability reports sharply reduced the validity rate of submissions and overloaded the project's seven-person security team. In response, cURL ended its security report bounty program as maintainers grappled with reviewer fatigue and false positives.
Mar 10, 2026
Anthropic publishes AI bug-hunting and disclosure guidance
Alongside the disclosure, Anthropic and Mozilla promoted practices for AI-generated vulnerability reporting, including reproducible test cases, proofs of concept, candidate patches, and task verifiers to reduce false positives. Anthropic also published a coordinated vulnerability disclosure policy with a standard 90-day timeline and exceptions for actively exploited critical flaws.
Mar 9, 2026
Mozilla reports broader AI-assisted research uncovered 90 more Firefox bugs
Mozilla said its internal experimentation with AI-assisted security analysis also found 90 additional Firefox bugs, including logic errors that traditional fuzzing had missed. The statement highlighted Mozilla's growing use of AI in defensive vulnerability research.
Mar 6, 2026
Anthropic publicly discloses Claude's discovery of 22 Firefox vulnerabilities
On March 6, 2026, Anthropic disclosed that Claude Opus 4.6 had found 22 previously unknown Firefox vulnerabilities over a two-week effort with Mozilla. The company said the results showed AI is currently much stronger at finding bugs than weaponizing them.
Feb 24, 2026
Mozilla ships Firefox 148 with fixes for most Claude-discovered flaws
Mozilla released Firefox 148 on February 24, 2026, patching most of the 22 distinct vulnerabilities identified by Claude, including 14 rated high severity. A small number of remaining fixes were deferred to a subsequent release.
Jan 20, 2026
Anthropic tests Claude's exploit-generation ability
Anthropic ran several hundred exploit-development attempts against known Firefox bugs, spending about $4,000 in API credits. The model produced only two working exploits, both crude and requiring weakened conditions such as disabled sandbox protections.
Jan 15, 2026
Claude-driven scanning produces 112 Firefox bug reports
Anthropic used Claude to scan nearly 6,000 C++ files and submitted 112 unique Bugzilla reports to Mozilla. The volume of findings led Mozilla to allow bulk submissions even when every crashing test case had not yet been fully validated for security impact.
Jan 1, 2026
Claude finds its first Firefox bug within minutes
During the collaboration, Claude identified an initial use-after-free memory corruption flaw in Firefox's JavaScript engine in about 20 minutes. Human researchers validated the issue and a model-suggested patch before reporting it to Mozilla through Bugzilla.
Jan 1, 2026
Anthropic and Mozilla begin AI-assisted Firefox vulnerability research
In January 2026, Anthropic partnered with Mozilla to test Claude Opus 4.6 on Firefox, starting with the browser's JavaScript engine before expanding to broader code review. Firefox was selected as a complex, heavily tested open-source target for the experiment.
See the full picture in Mallory
Mallory subscribers get deeper analysis on every story, including:
Who’s affected and how
Deep-dive technical analysis
Actionable next steps for your team
IPs, domains, hashes, and more
Ask questions and take action on every story
Filter by topic, classification, timeframe
Get matching stories delivered automatically
Related Entities
Vulnerabilities
Organizations
Sources
5 more from sources like privacyguides.org, blog.mozilla.org, zdnet and scworld
Related Stories
Anthropic Claude Code Security and AI-Assisted Bug Discovery
Anthropic’s **Claude Code Security** was introduced as an AI-driven capability within *Claude Code* that scans source code for vulnerabilities and proposes patches for human review, positioning itself as more adaptive than traditional rules-based static analysis. Coverage noted that early investor reaction briefly pressured major security vendors’ valuations, but analysts assessed the longer-term market impact as likely to be more nuanced given the feature’s early-preview status and its role as an add-on within a broader coding assistant/agent rather than a standalone security product. Separately, Mozilla engineers reported using **Claude** to help identify a “slew” of new Firefox issues, while also highlighting that a meaningful share of observed Firefox crashes may not be software defects at all but *hardware-induced memory errors* (“bit flips”). Mozilla cited roughly **470,000** weekly crash reports (from opted-in users), with about **25,000** flagged as potential bit flips (and possibly higher due to conservative heuristics), underscoring that AI-assisted bug-finding can improve software quality but may not address instability rooted in faulty or error-prone hardware (including potential causes like **Rowhammer** or defective components).
1 months ago
Anthropic Claude Opus 4.6 Used to Discover and Help Patch High-Severity Vulnerabilities in Open-Source Software
Anthropic released **Claude Opus 4.6**, highlighting improved *agentic* coding performance (code review, debugging, and sustained work over large codebases) and expanded safety evaluation coverage. The company claims the model is better at finding real vulnerabilities in codebases and behaves more consistently on complex tasks, while maintaining low rates of misaligned behavior (e.g., deception) and reducing unnecessary refusals to benign requests. Anthropic also reported using Claude Opus 4.6 to identify **500+ previously unknown high-severity flaws** in widely used open-source libraries, including **Ghostscript**, **OpenSC**, and **CGIF**, and said the issues were validated to avoid hallucinations and have been patched by maintainers. The company described testing by its **Frontier Red Team** in a virtualized environment with access to tools like debuggers and fuzzers, aiming to measure the model’s out-of-the-box vulnerability discovery capability without specialized prompting or custom scaffolding, and using the model to help prioritize severe memory-corruption findings.
1 weeks ago
Anthropic Restricts Claude Mythos After AI Model Finds and Exploits Software Flaws
Anthropic unveiled **Claude Mythos Preview**, an unreleased AI model it says discovered thousands of high-severity and zero-day vulnerabilities across major operating systems, browsers, open-source projects, and some closed-source software, including a 27-year-old OpenBSD bug, a 16-year-old FFmpeg flaw, Linux privilege-escalation chains, and `CVE-2026-4747` in FreeBSD’s NFS server. Citing the risk that the same capability could accelerate offensive cyber operations, Anthropic withheld broad release and launched **Project Glasswing**, a restricted-access program for selected partners including AWS, Apple, Cisco, Google, Microsoft, NVIDIA, and other major vendors and critical software maintainers to validate findings and speed remediation. Independent testing by the UK AI Security Institute found Mythos materially improved cyber performance, including a **73%** success rate on expert capture-the-flag tasks and occasional completion of a 32-step simulated enterprise intrusion, while cautioning that the tests did not reflect hardened real-world networks with active defenders. The announcement triggered immediate responses from governments, regulators, and industry groups, which warned that AI is compressing the timeline from vulnerability discovery to exploitation faster than most organizations can patch. Mozilla provided one of the first operational examples, saying Firefox 150 fixed **271 vulnerabilities** identified with Mythos-assisted analysis, while the Cloud Security Alliance, SANS, and OWASP urged CISOs to prepare for an "AI vulnerability storm" by hardening core controls, accelerating patch and mitigation workflows, improving asset and dependency visibility, and adopting more automation in security operations. At the same time, Anthropic’s claims drew skepticism because only a limited number of public CVEs have been directly tied to Glasswing so far, and reports that unauthorized users accessed Mythos through a third-party environment intensified concerns about containment, governance, and the likelihood that comparable capabilities will soon spread beyond a small set of trusted defenders.
Today