What did Mythos actually find?

6,202 high- or critical-severity vulnerabilities (of 23,019 total findings) across 1,000 open-source projects, with 90.6% validated as real by six independent firms — including a flaw in the widely used wolfSSL library, since patched.

No — Mythos Preview is restricted to about 50 vetted defensive partners. Anthropic says wider access will come only after stronger safeguards, given the offensive risk of the same capability.

Back to all news

Anthropic

Anthropic's Mythos finds 6,202 critical software flaws

AI vulnerability-hunting, with independent receipts. The brief.

The FeaturedDaily Desk26 May 2026Verified May 2026

Anthropic

Anthropic says Claude Mythos found 6,202 critical open-source flaws, 90.6% validated.

What happened. In a 26 May update on Project Glasswing, Anthropic said Claude Mythos scanned 1,000 open-source projects and found 6,202 high/critical vulnerabilities (of 23,019 findings). Six independent firms validated 90.6% as real — unusually strong corroboration for a capability claim.

Who has it. About 50 vetted partners (AWS, Apple, Google, Microsoft, NVIDIA, JPMorgan and others) for defensive work; partner bug-finding reportedly rose more than tenfold. Mythos itself remains restricted.

Sources

Project Glasswing: An initial update — Anthropic, 26 May 2026
Anthropic says Mythos has already found more than 10,000 vulnerabilities — Engadget, 26 May 2026
Anthropic: Claude Mythos identified 10,000+ software flaws — Help Net Security, 26 May 2026

← All news

Anthropic's Mythos finds 6,202 critical software flaws

Sources

Related

US directive pulls Fable 5 offline three days after launch

Anthropic calls for a coordinated global slowdown on AI

Anthropic ships Fable 5 — its most powerful public model yet