Anthropic’s Project Glasswing has produced its first major results. In just one month, Claude Mythos Preview and roughly 50 partners have identified over 10,000 high- or critical-severity vulnerabilities in the world’s most critical software. “the bottleneck in fixing bugs like these is the human capacity to triage, report, and design and deploy patches for them.”
One month into Project Glasswing, the numbers are striking. Anthropic and its approximately 50 partners, including Cloudflare, Palo Alto Networks, and major financial institutions, have used Claude Mythos Preview to surface more than 10,000 high- or critical-severity vulnerabilities across systemically important software. Cloudflare alone found 2,000 bugs, 400 of which were rated high- or critical-severity, with a false positive rate that Cloudflare’s team describes as better than human testers.
The UK’s AI Security Institute reports that Mythos Preview is the first model to complete both of its cyber range simulations end to end. Mozilla found and fixed 271 vulnerabilities in Firefox 150 during testing, more than ten times the number found in Firefox 148 using Claude Opus 4.6. Microsoft, which has also been using Mythos to scan for vulnerabilities, stated its new patches will “continue trending larger for some time.”
Open-source under the microscope
Parallel to its partner program, Anthropic has spent several months scanning more than 1,000 open-source projects with Mythos Preview. Out of 23,019 total findings, the model estimates 6,202 as high- or critical-severity. Independent security firms have verified 1,752, confirming 90.6 percent of the reported vulnerabilities as valid true positives. A notable example is a certificate-forgery vulnerability in wolfSSL (CVE-2026-5194), a cryptography library used by billions of devices. Mythos constructed an exploit that would allow an attacker to host a fake bank or email provider website. It was indistinguishable to the end user.
Still, just 75 of the 530 disclosed high- or critical-severity bugs have been patched so far. The bottleneck is human capacity to triage and fix. Some open-source maintainers have even asked Anthropic to slow the pace of disclosures, as a high- or critical-severity bug takes an average of two weeks to patch. Anthropic recently allowed Glasswing partners to share their findings more broadly, including with regulators and open-source maintainers, to help accelerate that process.
New tools, controlled access
Anthropic is not waiting for the backlog to clear to push more potent products, although Mythos-level capabilities will not be available for some time. Claude Security, now in public beta for Enterprise customers and built on Claude Opus 4.7, has already been used to patch over 2,100 vulnerabilities in three weeks. The company has also released the agentic tooling used internally by Glasswing partners. It consists of a codebase harness, scanning subagents, and a threat model builder to qualifying security teams on request. A Cyber Verification Program now allows vetted security professionals to access models without certain cybersecurity safeguards.
Mythos Preview itself remains unavailable to the public. When Anthropic launched Mythos testing in April, it stated that no company had yet developed safeguards sufficient for a broad release of Mythos-class models. The Dutch government raised concerns about those risks earlier this month, citing the model’s ability to autonomously build complete attack chains. Anthropic’s next step is expanding Glasswing to additional partners, including US and allied governments, with a general Mythos release planned only once stronger safeguards are in place.