9 Sources
[1]
Anthropic's Claude found 22 vulnerabilities in Firefox over two weeks | TechCrunch
In a recent security partnership with Mozilla, Anthropic found 22 separate vulnerabilities in Firefox -- 14 of them classified as "high-severity." Most of the bugs have been fixed in Firefox 148 (the version released this February), although a few fixes will have to wait for the next release. Anthropic's team used Claude Opus 4.6 over the span of two weeks, starting in the JavaScript engine and then expanding to other portions of the codebase. According to the post, the team focused on Firefox because "it's both a complex codebase and one of the most well-tested and secure open-source projects in the world." Notably, Claude Opus was much better at finding vulnerabilities than writing software to exploit them. The team ended up spending $4,000 in API credits trying to concoct proof-of-concept exploits, but only succeeded in two cases. Still, it's a reminder of how powerful AI tools can be for open-source projects -- even if they bring a flood of bad merge requests alongside the useful ones.
[2]
Anthropic's Claude Finds More Bugs in Firefox than Human Teams
As more and more industries seem to be waking up to the threat of AI-based automation, new data from browser maker Mozilla is showing how AI is proving proficient at identifying cybersecurity vulnerabilities in popular software. According to details shared by researchers at Mozilla, Anthropic's AI model Claude Opus 4.6 discovered 22 vulnerabilities in the Google Chrome competitor Mozilla Firefox over the course of two weeks, and 100 bugs overall. These are more vulnerabilities than were reported in any single month in 2025. Out of the vulnerabilities identified, 14 were classified as high-severity vulnerabilities, almost a fifth of the 73 high-severity Firefox vulnerabilities Mozilla fixed in 2025. "In other words: AI is making it possible to detect severe security vulnerabilities at highly accelerated speeds," said the researchers. The researchers were also able to identify some weaknesses in Opus. Though Claude did very well at identifying bugs, it performed comparatively poorly at exploiting them. Opus 4.6 was only able to actually turn the vulnerabilities it identified into an exploit in two cases, which, according to researchers, were "crude browser exploits" which would be unlikely to work in a real-world scenario due to existing safeguards. However, some experts have pointed out the issues that leaning too heavily on AI for vulnerability identification can cause. Daniel Stenberg, a lead developer at software firm curl, said that his company has experienced "an explosion in AI slop reports" in a comment to The Wall Street Journal on the findings, adding that fewer than one in 20 bugs reported to the company in 2025 were actually real. "The AI chatbots still easily hallucinate security problems," Stenberg said. The news comes as Anthropic is pivoting more closely into the world of cybersecurity. 
Earlier this month it launched Claude Code Security, which the company says can not only highlight vulnerabilities but also suggest targeted software fixes for human review, negatively impacting the share prices of some of the largest cybersecurity companies.
[3]
Firefox finds a slew of new bugs with Claude's help
Now if only device makers would deliver higher quality components
Thanks to Anthropic's AI and its bug-detecting abilities, Firefox users can now enjoy stronger security. Unfortunately, if browser crashes rather than security flaws are the problem, Claude probably can't help. Mozilla engineer Gabriele Svelto said in a recent Mastodon post that he believes that about 10 percent of Firefox browser crashes can be attributed to bit flips - unintentional changes in memory - rather than software errors. Bit flips can be caused by a variety of things, such as cosmic rays and Rowhammer attacks. But often the explanation is more mundane - flawed electronic components. "Today I was looking at the data that comes out of these tests and now I'm 100 percent positive that ... a lot of the crashes we see are from users with bad memory or similarly flaky hardware," he said. Svelto said that, in the last week, Mozilla received about 470,000 crash reports from Firefox users, which just covers those who opted in to crash reporting. About 25,000, he said, look to be potential bit flips. "That's one crash every twenty potentially caused by bad/flaky memory, it's huge!" he said. "And because it's a conservative heuristic we're underestimating the real number, it's probably going to be at least twice as much." And, he said, if he subtracts crashes caused by resource exhaustion, like running out of memory, the proportion of crashes attributable to hardware goes up to about 15 percent. Svelto said that, while his research focuses mainly on computers and phones, these issues are present in every device, such as routers and printers. This is not the first time people have been taken aback by hardware error rates.
Google researchers looked at DRAM errors in its data centers back in 2009 and were surprised to find that DRAM error rates "are orders of magnitude higher than previously reported, with 25,000 to 70,000 errors per billion device hours per Mbit and more than 8 percent of DIMMs affected by errors per year." Bit flips are beyond Mozilla's control, but the biz has been able to shore up its software with the help of Anthropic's red team. Several weeks ago, said Mozilla engineers Brian Grinstead and Christian Holler in a blog post, Anthropic approached the Firefox team with a new AI-based vulnerability detection system. They said that they'd had mixed results with prior AI-assisted bug detection systems, but this one was different. "Within hours, our platform engineers began landing fixes, and we kicked off a tight collaboration with Anthropic to apply the same technique across the rest of the browser codebase," they said. "In total, we discovered 14 high-severity bugs and issued 22 CVEs as a result of this work. All of these bugs are now fixed in the latest version of the browser." Anthropic says it managed this feat using its recent Claude Opus 4.6 model and even got its AI model to generate a working exploit for one of the now patched vulnerabilities (CVE-2026-2796). "To be clear, the exploit that Claude wrote only works within a testing environment that intentionally removes some of the security features of modern web browsers," explained security researchers Evyatar Ben Asher, Keane Lucas, Nicholas Carlini, Newton Cheng, and Daniel Freeman in a blog post. "Claude isn't yet writing 'full-chain' exploits that combine multiple vulnerabilities to escape the browser sandbox, which are what would cause real harm." But that moment may not be far off. "[L]ooking at the rate of progress, it is unlikely that the gap between frontier models' vulnerability discovery and exploitation abilities will last very long," said Anthropic. 
"If and when future language models break through this exploitation barrier, we will need to consider additional safeguards or other actions to prevent our models from being misused by malicious actors."
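The Register piece above mentions a "conservative heuristic" for spotting crash reports caused by flipped bits but does not describe it. The following is an added illustration, not Mozilla's crash-reporting code and not the heuristic Svelto used: it flags a crash as a potential bit flip only when the faulting address is unmapped yet exactly one bit away from an address inside a mapped region, or one bit away from a known heap-poison pattern. The poison constants, the mapped ranges, the "OOM" reason label, the near-null cutoff and the sample reports are all constructed for the example.

```python
"""Illustrative single-bit-flip heuristic over Firefox-style crash reports.

Added example: this is not Mozilla's crash-reporting code, and the exact
heuristic Gabriele Svelto used is not described in the article. It shows one
conservative check of the kind such triage can use: a crash is flagged as a
potential bit flip only when its faulting address is unmapped but lies exactly
one bit away from an address inside a mapped region, or from a known heap
poison pattern. Everything else (near-null dereferences, out-of-memory
crashes, arbitrary garbage pointers) is left unflagged, so the estimate errs
low, as the article says Mozilla's does.
"""
from dataclasses import dataclass
from typing import Iterator, List, Tuple

# Assumed poison fill values for the example; 0xe5 is the freed-memory poison
# Firefox's allocator uses, the other is a placeholder.
POISON_PATTERNS = (0xE5E5E5E5E5E5E5E5, 0xDEADBEEFDEADBEEF)

# Assumed cutoff: faulting addresses below this are treated as ordinary null
# pointer dereferences (a software bug), never as hardware faults.
NEAR_NULL_LIMIT = 0x10000


@dataclass
class CrashReport:
    faulting_address: int
    mapped_ranges: List[Tuple[int, int]]  # half-open [start, end) ranges from the minidump
    reason: str = "EXCEPTION_ACCESS_VIOLATION"  # "OOM" marks a resource-exhaustion crash (assumed label)


def is_mapped(addr: int, ranges: List[Tuple[int, int]]) -> bool:
    return any(start <= addr < end for start, end in ranges)


def one_bit_neighbours(addr: int, width: int = 64) -> Iterator[int]:
    """Yield every address that differs from addr in exactly one bit."""
    for bit in range(width):
        yield addr ^ (1 << bit)


def looks_like_bit_flip(report: CrashReport) -> bool:
    """Conservative test: unmapped faulting address one bit away from valid memory or a poison value."""
    addr = report.faulting_address
    if addr < NEAR_NULL_LIMIT:
        return False  # null-ish dereference: attribute to software, not memory
    if is_mapped(addr, report.mapped_ranges):
        return False  # the access hit valid memory; nothing points at a flip
    return any(
        is_mapped(cand, report.mapped_ranges) or cand in POISON_PATTERNS
        for cand in one_bit_neighbours(addr)
    )


def estimate_bit_flip_share(reports: List[CrashReport],
                            exclude_resource_exhaustion: bool = False) -> Tuple[int, int, float]:
    """Return (flagged, considered, flagged/considered) for a batch of reports.

    Dropping OOM crashes first mirrors the article's second figure, where the
    hardware share rises once resource-exhaustion crashes are set aside.
    """
    considered = [r for r in reports if not (exclude_resource_exhaustion and r.reason == "OOM")]
    flagged = sum(1 for r in considered if looks_like_bit_flip(r))
    share = flagged / len(considered) if considered else 0.0
    return flagged, len(considered), share


# Constructed sample: one code module and one heap arena, as a minidump's module list would give them.
MAPPED = [(0x7FF6_4000_0000, 0x7FF6_4200_0000), (0x1F00_0000_0000, 0x1F00_1000_0000)]
SAMPLE_REPORTS = [
    CrashReport(0x7FF6_4100_0000 ^ (1 << 45), MAPPED),   # code pointer with bit 45 flipped -> flagged
    CrashReport(0xE5E5E5E5E5E5E5E5 ^ (1 << 12), MAPPED),  # poisoned pointer with one flipped bit -> flagged
    CrashReport(0x18, MAPPED),                           # null-ish dereference -> software bug
    CrashReport(0xE5E5E5E5E5E5E5E5, MAPPED),             # intact poison: a use-after-free, not hardware
    CrashReport(0x1F00_0800_0000, MAPPED),               # access inside mapped heap -> not a flip
    CrashReport(0x4141_4141_4141_4141, MAPPED),          # garbage pointer, no one-bit neighbour -> unflagged
    CrashReport(0x0, MAPPED, reason="OOM"),              # resource exhaustion, excluded in second estimate
]

if __name__ == "__main__":
    print(estimate_bit_flip_share(SAMPLE_REPORTS))
    print(estimate_bit_flip_share(SAMPLE_REPORTS, exclude_resource_exhaustion=True))
```

On the constructed batch the heuristic flags two of seven reports, and two of six once the out-of-memory crash is set aside, which is the direction of change the article reports. The check deliberately ignores an intact poison value (that is a use-after-free, a software bug) and garbage pointers with no one-bit neighbour in valid memory, so it undercounts rather than overcounts.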
[4]
Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model
Anthropic on Friday said it discovered 22 new security vulnerabilities in the Firefox web browser as part of a security partnership with Mozilla. Of these, 14 have been classified as high, seven have been classified as moderate, and one has been rated low in severity. The issues were addressed in Firefox 148, released late last month. The vulnerabilities were identified over a two-week period in January 2026. The artificial intelligence (AI) company said the number of high-severity bugs identified by its Claude Opus 4.6 large language model (LLM) represents "almost a fifth" of all high-severity vulnerabilities that were patched in Firefox in 2025. Anthropic said the LLM detected a use-after-free bug in the browser's JavaScript after "just" 20 minutes of exploration, which was then validated by a human researcher in a virtualized environment to rule out the possibility of a false positive. "By the end of this effort, we had scanned nearly 6,000 C++ files and submitted a total of 112 unique reports, including the high- and moderate-severity vulnerabilities mentioned above," the company said. "Most issues have been fixed in Firefox 148, with the remainder to be fixed in upcoming releases." The AI upstart said it also fed its Claude model access to the entire list of vulnerabilities submitted to Mozilla and tasked the AI tool with developing a practical exploit for them. Despite carrying out the test several hundred times and spending about $4,000 in API credits, the company said Claude Opus 4.6 was able to turn the security defect into an exploit only in two cases. This behavior, the company added, signaled two important aspects: the cost of identifying vulnerabilities is cheaper than creating an exploit for them, and the model is better at finding issues than at exploiting them. 
"However, the fact that Claude could succeed at automatically developing a crude browser exploit, even if only in a few cases, is concerning," Anthropic emphasized, adding the exploits only worked within the confines of its testing environment, which has had some security features like sandboxing intentionally stripped off. A crucial component incorporated into the process is a task verifier to determine if the exploit actually works, giving the tool real-time feedback as it explores the codebase in question and allowing it to iterate its results until a successful exploit is devised. One such exploit Claude wrote was for CVE-2026-2796 (CVSS score: 9.8), which has been described as a just-in-time (JIT) miscompilation in the JavaScript WebAssembly component. The disclosure comes weeks after the company released Claude Code Security in a limited research preview as a way to fix vulnerabilities using an AI agent. "We can't guarantee that all agent-generated patches that pass these tests are good enough to merge immediately," Anthropic said. "But task verifiers give us increased confidence that the produced patch will fix the specific vulnerability while preserving program functionality -- and therefore achieve what's considered to be the minimum requirement for a plausible patch." Mozilla, in a coordinated announcement, said the AI-assisted approach has discovered 90 other bugs, most of which have been fixed. These consisted of assertion failures that overlapped with issues traditionally found through fuzzing and distinct classes of logic errors that the fuzzers failed to catch. "The scale of findings reflects the power of combining rigorous engineering with new analysis tools for continuous improvement," the browser maker said. "We view this as clear evidence that large-scale, AI-assisted analysis is a powerful new addition to security engineers' toolbox."
[5]
Mozilla says Claude AI uncovered over 100 Firefox bugs in just two weeks, including 14 high-severity flaws
The takeaway: While some companies are struggling with a flood of unreliable or hallucinated AI-generated bug reports, Mozilla is finding real value in bug-seeking bots. The foundation has begun working with Anthropic to strengthen Firefox's security, and several AI-assisted bug fixes have already landed in the browser's codebase. Mozilla is now working with Anthropic's Frontier Red Team to identify and patch potentially dangerous security vulnerabilities in Firefox. According to Mozilla, the AI company approached them a few weeks ago with results from a newly developed, AI-assisted bug-hunting method. The approach appears to work, Mozilla said, and could ultimately lead to a safer Firefox experience for everyone. Anthropic's team focused on Firefox's JavaScript engine, in part because the Red Panda browser offers a widely used and "deeply scrutinized" open-source codebase that makes it ideal for testing new analysis techniques. The AI system uncovered several security flaws in the JS engine and also produced minimal test cases, allowing Firefox developers to quickly verify and reproduce the issues. In total, developers confirmed 14 high-severity security bugs, which resulted in 22 separate CVE tracking IDs. Mozilla said all of these issues have already been fixed in the latest Firefox release (version 148.0). The process also uncovered 90 additional low-priority bugs, which have since been addressed. Mozilla emphasized that Anthropic's approach to bug reporting differs significantly from other AI-driven efforts. Some major open-source projects, including curl, have been forced to discourage or outright ban AI-generated contributions after being flooded with low-quality submissions from users attempting to earn bug bounty rewards without proper vetting.
Many of the vulnerabilities uncovered through Anthropic's technique are typically discovered through fuzzing, an automated testing method that feeds unexpected inputs into software to trigger crashes. However, Mozilla said the AI model also identified several classes of logic bugs that traditional fuzzing techniques often miss. After seeing the results, Mozilla plans to incorporate the new AI-assisted method into its broader security and development workflow. The organization expects Anthropic's Claude models and other advanced AI systems to help uncover additional issues in the future. If the approach proves scalable, it could also help identify large numbers of previously "undiscoverable" bugs across other popular open-source projects where fuzzing and other traditional techniques have reached their limits without the help of AI.
[6]
Anthropic says it found a heap of Firefox security flaws using new Claude tools, says 'AI is making it possible to detect severe security vulnerabilities at highly accelerated speeds'
* Anthropic Claude Opus 4.6 uncovers 22 Firefox security flaws
* Mozilla confirmed 14 high-severity vulnerabilities patched in Firefox 148
* AI model demonstrated accelerated, human-like vulnerability detection
Anthropic says it found almost two dozen vulnerabilities in the latest version of Mozilla's Firefox browser, including a few that could have caused serious damage. In a new blog post Anthropic said it teamed up with Mozilla's researchers and, over the course of a couple weeks, scanned almost 6,000 C++ files using Claude Opus 4.6. Opus 4.6 is the latest version of Anthropic's most powerful large language model (LLM), which was released in early February 2026, and has been advertised as a must-have tool in every cyber defender's arsenal, claiming it is "notably better" at finding high-severity vulnerabilities.
Major success
After analyzing popular open source repositories and finding more than 500 flaws, Anthropic set its sights on Firefox, mostly because it is "both complex and one of the most well-tested and secure open-source projects in the world." In other words, it really wanted to prove a point by finding a product that's generally considered large, and safe. The team ran the experiment for two weeks, and in that timeframe, Opus 4.6 managed to find 22 vulnerabilities. Mozilla labeled 14 of them as high severity. In total, Anthropic submitted a total of 112 unique reports, most of which were addressed in Firefox 148. The remainder will be fixed in upcoming releases, it was said. Anthropic is framing this as a major success, saying Opus 4.6 uncovered in two weeks roughly a fifth as many high-severity vulnerabilities as Mozilla fixed during all of 2025. "AI is making it possible to detect severe security vulnerabilities at highly accelerated speeds," they said. Earlier, Anthropic said Opus 4.6 stood out with the way it found vulnerabilities "out of the box without task-specific tooling, custom scaffolding, or specialized prompting."
It also added that, unlike fuzzing, which is a standard vulnerability hunting technique, Opus works by reasoning about the code "the way a human researcher would", meaning it was looking at past fixes to find similar bugs that weren't addressed, spotting patterns that tend to cause problems, and was understanding logic "well enough to know exactly what input would break it."
[7]
Claude AI discovered 22 Firefox flaws. Here's how many it figured out how to exploit.
Claude AI discovered nearly two dozen vulnerabilities in Firefox, the Mozilla web browser. Anthropic teamed up with Mozilla to test the security of its browser, allowing its AI tool to probe for vulnerabilities. Read, in part, a blog post from Anthropic: "Claude Opus 4.6 discovered 22 vulnerabilities over the course of two weeks. Of these, Mozilla assigned 14 as high-severity vulnerabilities -- almost a fifth of all high-severity Firefox vulnerabilities that were remediated in 2025. In other words: AI is making it possible to detect severe security vulnerabilities at highly accelerated speeds." Anthropic noted that while Claude AI proved adept at identifying vulnerabilities, it was less successful at exploiting them. The researchers asked the AI tool to "read and write a local file in a target system, as an attacker would." Wrote Anthropic: "We ran this test several hundred times with different starting points, spending approximately $4,000 in API credits. Despite this, Opus 4.6 was only able to actually turn the vulnerability into an exploit in two cases. This tells us two things. One, Claude is much better at finding these bugs than it is at exploiting them. Two, the cost of identifying vulnerabilities is an order of magnitude cheaper than creating an exploit for them. However, the fact that Claude could succeed at automatically developing a crude browser exploit, even if only in a few cases, is concerning." The whole endeavor showed that AI tools are relatively skilled at identifying vulnerabilities in open-source projects. Anthropic, obviously, is pitching Claude as a tool in preventing these vulnerabilities from being exploited.
[8]
Anthropic's Claude uncovers 22 Firefox security vulnerabilities
Why it matters: AI models are rapidly lowering the cost of finding software vulnerabilities, surfacing serious flaws even in heavily scrutinized projects like Firefox.
Driving the news: Anthropic uncovered more than 500 previously unknown flaws across open-source projects while testing Claude Opus 4.6 last month -- including 112 reports submitted to Mozilla over a two-week period.
* Anthropic also rolled out Claude Code Security, an automated code security testing tool, last month -- briefly rattling cybersecurity stocks.
The big picture: The Mozilla case study illustrates how open-source maintainers may need to adapt to a future where AI dramatically increases both the volume and plausibility of incoming bug reports.
* Of the 112 total reports Anthropic submitted, Mozilla issued 22 CVEs for security-sensitive bugs, including 14 rated high severity.
* The remaining roughly 90 reports involved non-security issues such as crashes and logic errors.
What they're saying: "We chose Firefox because it's one of the most well-tested and secure open-source projects in the world," Logan Graham, head of Anthropic's frontier red team, said in a statement.
* "It's been scrutinized by security researchers for decades, fuzzed continuously, and maintained by engineers who really know what they're doing."
* "We went into this believing if Claude could find undiscovered high-severity bugs here, it would tell us something substantial about where these capabilities are heading and the urgency of the moment we are in," he added.
Threat level: Claude found security bugs -- including 14 high-severity flaws -- in Firefox's memory storage system, access boundary conditions, security safeguards and other programs.
* It also surfaced dozens of non-security bugs, including issues that affected user experience but posed no direct security risk, Brian Grinstead, senior principal engineer at Mozilla, told Axios.
* Attackers could potentially chain such flaws together to bypass protections, corrupt data or escalate privileges.
Between the lines: Mozilla is well-resourced compared to many open-source projects, which often operate with small teams and limited security staff.
* Grinstead said Anthropic reached out a few weeks ago with the first validated security bug.
* After confirming the issue, Mozilla asked the team to direct Claude to search for more. The organization then pulled in multiple engineering teams to validate findings and write patches.
* "This is a large influx," Grinstead said. "We did mobilize as sort of an incident response to get the 100+ bugs that were filed, triaged and most of them fixed."
Reality check: Firefox included fixes for the issues in version 148, which rolled out Feb. 24.
* Grinstead added that exploiting the flaws would have required chaining them with other vulnerabilities.
* "Just because you find a single vulnerability, even a high vulnerability, it is not enough to hack Firefox," Grinstead said.
* Modern browsers rely on multiple layers of defense, meaning attackers would need to combine several weaknesses to mount a successful exploit.
What to watch: Less-resourced open-source maintainers may struggle to keep up as AI tools generate higher volumes of increasingly polished bug reports.
[9]
Anthropic's Claude finds first Firefox bug in 20 mins during test, Mozilla devs call it serious
After Claude detected the first vulnerability, Anthropic reported it to Mozilla. Anthropic recently tested its artificial intelligence model, Claude Opus 4.6, to see its hacking capabilities. During the test, the AI found its first bug in the Firefox web browser within about 20 minutes. Claude's bug bonanza began when Anthropic's security team decided to focus its software on a widely-used and complex web browser that has been closely studied for many years. After Claude detected the first vulnerability, Anthropic reported it to Mozilla, Firefox's parent company. Mozilla then confirmed that the bug was serious and contacted Anthropic to ask for more details, reports WSJ. 'What else do you have? Send us more,' said Brian Grinstead, an engineer with Mozilla. Anthropic continued submitting the findings to Mozilla. Over a two-week period in January, Claude found more high-severity Firefox bugs than are usually reported globally in about two months, according to Mozilla. In total, Claude found more than 100 bugs during the test, the report mentioned. Among them were 14 classified as 'high severity.' These types of vulnerabilities can allow attackers to carry out widespread attacks if they were combined with the right exploit code. For comparison, Firefox fixed 73 bugs rated as high severity or critical last year. Anthropic researchers also asked Claude to generate exploit code. According to Logan Graham, the head of Anthropic's Frontier Red Team, the AI performed better at identifying bugs than exploiting them. Claude produced two working exploits on a test version of Firefox, but other security protections in the browser would have blocked them in real-world conditions. Some developers also note that AI systems sometimes produce incorrect bug reports.
'The AI chatbots still easily hallucinate security problems,' said Daniel Stenberg, Curl software's lead developer. 'But at the same time, there are quite capable AI-powered code analysers that find real things.'
In a security partnership with Mozilla, Anthropic used Claude Opus 4.6 to identify 22 CVEs in Firefox over two weeks, 14 of them classified as high-severity. The model found more Firefox vulnerabilities in those two weeks than were reported in any single month of 2025, though it struggled to turn its findings into working exploits. The results highlight AI's growing role in vulnerability discovery while raising questions about future safeguards.
Anthropic has identified 22 Firefox vulnerabilities through a security partnership with Mozilla, a significant milestone in AI-assisted bug hunting. Using Claude Opus 4.6 over a two-week period in January 2026, the company found 14 high-severity flaws, seven moderate-severity issues, and one low-severity bug [4]. These findings resulted in 22 CVEs, and most of the fixes shipped in Firefox 148, released in February 2026 [4].
The 14 high-severity bugs represent almost a fifth of the 73 high-severity vulnerabilities Mozilla fixed throughout 2025 [2]. Claude discovered more Firefox vulnerabilities in two weeks than were reported in any single month of 2025, which Anthropic's researchers summarized as "AI is making it possible to detect severe security vulnerabilities at highly accelerated speeds" [2].
The Anthropic team focused first on Firefox's JavaScript engine before expanding to other portions of the codebase [1]. According to Mozilla engineers Brian Grinstead and Christian Holler, Anthropic approached the Firefox team several weeks ago with a newly developed AI-assisted vulnerability detection system [3]. Mozilla had seen mixed results from prior AI-assisted bug detection systems, but this approach proved different: within hours, platform engineers began landing fixes [3].
Anthropic chose Firefox as its target because "it's both a complex codebase and one of the most well-tested and secure open-source projects in the world" [1]. The model detected a use-after-free bug in the browser's JavaScript engine after just 20 minutes of exploration; a human researcher then validated the finding in a virtualized environment to rule out a false positive [4]. By the end of the effort, Claude Opus 4.6 had scanned nearly 6,000 C++ files and Anthropic had submitted 112 unique reports [4].
While Claude excelled at identifying bugs, it performed comparatively poorly at exploiting them. Anthropic gave the model its full list of submitted vulnerabilities and tasked it with reading and writing a local file on the target system, as an attacker would; it ran that test several hundred times and spent approximately $4,000 in API credits, but Claude Opus 4.6 succeeded in only two cases [1][4][7]. These were "crude browser exploits" that would be unlikely to work in real-world conditions: they ran only in a test environment from which security features such as sandboxing had been intentionally removed [2][4].
One successful exploit targeted CVE-2026-2796, a just-in-time (JIT) miscompilation in the JavaScript WebAssembly component with a CVSS score of 9.8 [4]. Anthropic emphasized that even this exploit only worked within a testing environment that had security features intentionally removed, and that Claude is not yet writing "full-chain" exploits that combine multiple vulnerabilities to escape the browser sandbox [3]. The company drew two conclusions: the model is much better at finding bugs than at exploiting them, and identifying a vulnerability is an order of magnitude cheaper than building an exploit for it [7].
Beyond the 22 CVEs, the AI-assisted approach uncovered 90 additional low-priority bugs, bringing the total to over 100 Firefox bugs discovered in just two weeks [5]. Many of these were assertion failures that overlapped with issues traditionally found through fuzzing, but the model also identified distinct classes of logic bugs that the fuzzers had failed to catch [4].
Mozilla views these findings as "clear evidence that large-scale, AI-assisted analysis is a powerful new addition to security engineers' toolbox" [4]. The organization plans to incorporate the new method into its broader security and development workflow and expects Claude models and other advanced systems to help uncover additional issues in the future [5].
Not every open-source project shares Mozilla's positive experience with bug-seeking bots. Daniel Stenberg, lead developer of curl, reported "an explosion in AI slop reports": fewer than one in 20 bugs reported to the project in 2025 turned out to be real [2]. "The AI chatbots still easily hallucinate security problems," Stenberg said [2].
Mozilla emphasized that Anthropic's reporting differed markedly from other AI-driven efforts: each finding came with a minimal test case that let Firefox developers quickly reproduce and verify the issue [5]. In the exploit-development experiments, Anthropic also paired the model with a task verifier that checks whether a candidate exploit actually works, giving it real-time feedback as it explores the codebase so it can iterate until it succeeds [4]. The company recently launched Claude Code Security in a limited research preview; it highlights vulnerabilities and suggests targeted fixes for human review [2].
Looking ahead, Anthropic acknowledged a critical concern: "Looking at the rate of progress, it is unlikely that the gap between frontier models' vulnerability discovery and exploitation abilities will last very long" [3]. If future language models break through this exploitation barrier, the company said it will need to consider additional safeguards or other actions to prevent its models from being misused by malicious actors [3]. The Frontier Red Team collaboration demonstrates both the promise and the risks of AI in cybersecurity as the technology continues to advance at a rapid pace.
Summarized by Navi