Anthropic's Project Glasswing CVE tally is still anyone's guess
Like the majority of the companies participating, it remains a mystery
Last week, Anthropic surprised the world by declaring that its latest model, Mythos, is so good at finding vulns that it would create chaos if released. Now, under the title of Project Glasswing, over 50 selected companies and orgs are allowed to test the hyped-up LLM to find security holes in their own products. But just how many problems have they really discovered?
According to VulnCheck researcher Patrick Garrity, the answer is…drumroll…maybe 40. Or maybe none at all.
Anthropic announced its newest model on April 7, and at the time said Claude Mythos Preview has found and can develop exploits for zero-day vulnerabilities "in every major operating system and every major web browser."
Because setting this type of zero-day machine loose on society at large would cause mass chaos and break the internet as we know it - at least according to the AI company itself - Anthropic instead is allowing a group of about 50 industry partners to preview the bug hunting machine so that they can find and fix flaws in their tech before the bad guys get a chance to exploit them.
This preview initiative is called Project Glasswing, and while we still don't know all the participants, we do know that they include Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, Nvidia, Palo Alto Networks, and Intel.
When discussing Project Glasswing, "one question keeps coming up," Garrity said in a Wednesday blog post. "What exactly did it find, disclose, and receive CVEs for?"
So he decided to scour the CVE database, which includes more than 327,000 CVE records, to find out. Garrity searched the database for any and all records containing the word "Anthropic" from February onward, and then reviewed all of these results.
He found 75 records containing his search term "Anthropic," but 35 of those are CVEs in Anthropic's own tools, such as Claude Code and MCP Inspector, or in third-party integrations, so they are not Glasswing-linked bugs. So no dice.
The remaining 40 are credited to Anthropic or Anthropic-affiliated researchers, so these may be Glasswing finds, but we can't guarantee it.
"The 40 break down across three distinct credit attributions: the core Anthropic research team, Nicholas Carlini individually, and Calif.io, an independent security research firm running a program called MADBugs (Month of AI-Discovered Bugs) that credits their work jointly as 'Calif.io in collaboration with Claude and Anthropic Research,'" Garrity wrote.
Broken down by vendor: 28 of the 40 CVEs are in Mozilla's Firefox browser, nine are in the wolfSSL embedded SSL/TLS library, one is in F5's NGINX Plus application delivery platform, and one each is in the open-source operating system FreeBSD and the open-source OpenSSL library.
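For readers who want to repeat the exercise against a local dump of CVE records, here is an added illustration of the sort described above. It is not code from the article, from VulnCheck or from Anthropic: it takes records in the public CVE Record Format 5 JSON layout (cveMetadata, containers.cna.affected, containers.cna.credits), keeps those published from February onward that mention "Anthropic" anywhere, sets aside the ones where Anthropic is the affected vendor (bugs in its own tools), and groups the remainder by credited researcher and affected vendor. All sample records are constructed; only the CVE-2026-4747 identifier, its credit string and the Calif.io credit wording come from the article, and the other IDs are obvious placeholders.

```python
"""Sort CVE 5.x JSON records the way the article describes: find every record
that mentions "Anthropic", set aside those that affect Anthropic's own products,
and group the rest by credited researcher and affected vendor.

The records below are CONSTRUCTED for this example (only CVE-2026-4747 and two
credit strings come from the article); the field layout follows the public
CVE Record Format 5 (cveMetadata / containers.cna.affected / containers.cna.credits).
"""
from collections import Counter
from datetime import date

SEARCH_TERM = "anthropic"
WINDOW_START = date(2026, 2, 1)   # "from February onward", as in the article


def _text_fields(record):
    """Yield every free-text field a keyword search over the record would hit."""
    cna = record.get("containers", {}).get("cna", {})
    for aff in cna.get("affected", []):
        yield aff.get("vendor", "")
        yield aff.get("product", "")
    for cred in cna.get("credits", []):
        yield cred.get("value", "")
    for desc in cna.get("descriptions", []):
        yield desc.get("value", "")


def mentions_term(record, term=SEARCH_TERM):
    """Case-insensitive match of the search term in any text field."""
    return any(term in field.lower() for field in _text_fields(record))


def published_on_or_after(record, start=WINDOW_START):
    """Restrict the search to the article's time window."""
    raw = record["cveMetadata"].get("datePublished", "")
    return bool(raw) and date.fromisoformat(raw[:10]) >= start


def affects_own_product(record, vendor_term=SEARCH_TERM):
    """True when Anthropic is the AFFECTED vendor (a bug in Claude Code, MCP
    Inspector, ...) rather than the credited finder."""
    affected = record["containers"]["cna"].get("affected", [])
    return any(vendor_term in aff.get("vendor", "").lower() for aff in affected)


def primary_vendor(record):
    affected = record["containers"]["cna"].get("affected", [])
    return affected[0].get("vendor", "unknown") if affected else "unknown"


def primary_credit(record):
    credits = record["containers"]["cna"].get("credits", [])
    return credits[0].get("value", "uncredited") if credits else "uncredited"


def tally(records):
    """Return the same breakdown the article reports: keyword hits, hits that are
    bugs in Anthropic's own tools, and the remaining credited finds grouped by
    affected vendor and by credit string."""
    hits = [r for r in records if published_on_or_after(r) and mentions_term(r)]
    own = [r for r in hits if affects_own_product(r)]
    credited = [r for r in hits if not affects_own_product(r)]
    return {
        "hits": len(hits),
        "own_product_bugs": sorted(r["cveMetadata"]["cveId"] for r in own),
        "credited": sorted(r["cveMetadata"]["cveId"] for r in credited),
        "by_vendor": Counter(primary_vendor(r) for r in credited),
        "by_credit": Counter(primary_credit(r) for r in credited),
    }


def make_record(cve_id, published, vendor, product, credit, summary):
    """Build a minimal CVE 5.x-shaped record (constructed test data)."""
    return {
        "cveMetadata": {"cveId": cve_id, "datePublished": published},
        "containers": {"cna": {
            "affected": [{"vendor": vendor, "product": product}],
            "credits": [{"lang": "en", "value": credit}],
            "descriptions": [{"lang": "en", "value": summary}],
        }},
    }


SAMPLE_RECORDS = [
    # ID and credit string from the article; date and summary wording constructed.
    make_record("CVE-2026-4747", "2026-04-01", "FreeBSD", "FreeBSD",
                "Nicholas Carlini using Claude, Anthropic",
                "Remote code execution in FreeBSD NFS (wording from the article)."),
    # Constructed: credited to the vendor's research team, third-party product.
    make_record("CVE-0000-00001", "2026-03-15", "Mozilla", "Firefox",
                "Anthropic research team", "Constructed summary text."),
    # Constructed record using the Calif.io credit wording quoted in the article.
    make_record("CVE-0000-00002", "2026-03-20", "wolfSSL", "wolfSSL",
                "Calif.io in collaboration with Claude and Anthropic Research",
                "Constructed summary text."),
    # Constructed: a bug IN an Anthropic tool; matches the keyword but is not a find.
    make_record("CVE-0000-00003", "2026-03-02", "Anthropic", "Claude Code",
                "An independent reporter", "Constructed summary text."),
    # Constructed: credited to Anthropic but published before the search window.
    make_record("CVE-0000-00004", "2026-01-10", "ExampleCorp", "ExampleApp",
                "Anthropic research team", "Constructed summary text."),
    # Constructed: no mention of the search term anywhere.
    make_record("CVE-0000-00005", "2026-04-02", "ExampleCorp", "ExampleApp",
                "Another reporter", "Constructed summary text."),
]

if __name__ == "__main__":
    for key, value in tally(SAMPLE_RECORDS).items():
        print(f"{key}: {dict(value) if isinstance(value, Counter) else value}")
```

The split between "affected vendor" and "credited finder" is the whole point of the method: a plain keyword search inflates the count with bugs in Anthropic's own products, which is exactly the 75-versus-40 gap the article describes. Running this over a real CVE JSON dump only needs the records loaded into a list; the grouping by credit string is what exposes whether the remaining hits can be tied to Glasswing at all.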
Only one publicly disclosed CVE can be "directly tied" to Glasswing, according to Garrity.
That's CVE-2026-4747, a remote code execution bug in FreeBSD. While the CVE record credits "Nicholas Carlini using Claude, Anthropic" with finding and reporting this bug - not Glasswing, specifically - Anthropic's blog last week name-dropped CVE-2026-4747 and described it thus: "Mythos Preview fully autonomously identified and then exploited a 17-year-old remote code execution vulnerability in FreeBSD that allows anyone to gain root on a machine running NFS."
Anthropic has also said that the Mythos Preview found a now-patched 27-year-old bug in OpenBSD, a 16-year-old FFmpeg bug, and Linux kernel privilege escalation chains. None of these have been assigned CVEs.
"The full picture won't be known until public disclosure takes place and Anthropic has indicated a public summary report is expected around July 2026," Garrity said.
He also suggested that Anthropic "create a dedicated security advisory page where security advisories and vulnerability disclosures were published in a consistent way, to provide a way for consumers to understand the question: what vulnerabilities have been discovered by the Anthropic research team and Project Glasswing?" ®
