Anthropic's Glasswing Uncovers 10,000 Critical Software Flaws, Only 97 Fixed Upstream

Anthropic’s Project Glasswing has identified more than 10,000 high- and critical-severity software vulnerabilities in one month, but only 97 of the 23,019 total vulnerability candidates found during the initiative have been patched, exposing a widening gap between AI-assisted discovery and global patching capacity.

Last month we launched Project Glasswing, our collaborative AI cybersecurity initiative. Since then, we and our partners have found more than ten thousand high- or critical-severity vulnerabilities in essential software.

— Anthropic (@AnthropicAI) May 22, 2026

About 50 partners have used Claude Mythos Preview, Anthropic’s unreleased frontier model, to scan critical infrastructure, cloud platforms, browsers, and open-source codebases since Glasswing launched on April 7, 2026.

Cloudflare reported finding 2,000 vulnerabilities across its repositories, including 400 rated high- or critical-severity. Mozilla found 271 flaws in Firefox 150 during Mythos Preview testing, compared to 27 found using Claude Opus 4.6 during testing of Firefox 148. Independent security firms reviewed 1,752 high- or critical-rated open-source findings and confirmed a 90.6% true-positive rate.

Among the confirmed vulnerabilities was CVE-2026-5194, a critical flaw in wolfSSL, a lightweight cryptographic library installed on more than 5 billion devices. The flaw would have allowed attackers to forge digital certificates and impersonate trusted websites. wolfSSL patched it in version 5.9.1, released April 8, 2026.

The discovery rate is straining downstream response chains. Palo Alto Networks released more than five times its usual patch volume in a recent update cycle. Microsoft said monthly patch totals will “continue trending larger for some time.” Some open-source maintainers have asked Anthropic to slow its disclosure rate, citing limited capacity to develop and deploy fixes at scale.

“Progress on software security used to be limited by how quickly we could find new vulnerabilities,” Anthropic said on May 22. “Now it’s limited by how quickly we can verify, disclose, and patch the large numbers of vulnerabilities found by AI.”

Anthropic also launched a Cyber Verification Program, allowing vetted security professionals to access Mythos-class models without restrictions for penetration testing and red teaming. OpenAI introduced a comparable initiative, Daybreak, on May 11, 2026, granting authorized defenders access to GPT-5.5-Cyber for specialized offensive security workflows.