· Updated
Claude Opus 4.6 as a security researcher on Firefox — one of the most well-tested open-source codebases in the world. In two weeks, the model scanned nearly 6,000 C++ files and discovered 22 vulnerabilities. Mozilla classified 14 as high-severity, representing almost a fifth of all high-severity Firefox bugs remediated in 2025. Most fixes shipped in Firefox 148.The results show AI-enabled vulnerability discovery has crossed a meaningful threshold. Claude found more bugs in two weeks than Firefox typically sees reported in any single month — with AI currently far better at identifying vulnerabilities than exploiting them. That gap gives defenders the advantage, but Anthropic warns it may not last.
Developers can explore Claude Code Security, an AI vulnerability discovery and patching tool now in limited research preview. Anthropic urges all software maintainers to accelerate security hardening while the defender's window remains open.
We partnered with Mozilla to test Claude's ability to find security vulnerabilities in Firefox. Opus 4.6 found 22 vulnerabilities in just two weeks. Of these, 14 were high-severity, representing a fifth of all high-severity bugs Mozilla remediated in 2025. https://t.co/It1uq5ATn9
More like this
ClaudeMay 1
AnthropicApr 19
Cloudflare2d ago
GitHubMar 28