
Anthropic announced Friday that it has discovered 22 new security vulnerabilities in Mozilla's Firefox web browser as part of a security partnership with Mozilla.
Of these, 14 were classified as high severity, 7 as moderate, and 1 as low. The issues were identified over a two-week period in January 2026 and were resolved in Firefox 148, released late last month.
The artificial intelligence (AI) company said the number of high-severity bugs identified by its Claude Opus 4.6 large language model (LLM) represented "nearly one-fifth" of all high-severity vulnerabilities patched in Firefox in 2025.
According to Anthropic, the LLM detected a use-after-free bug in the browser's JavaScript engine after "just" 20 minutes of investigation; the finding was then verified by human researchers in a virtualized environment to rule out a false positive.
“By the end of this effort, we had scanned approximately 6,000 C++ files and submitted a total of 112 independent reports, including the aforementioned high- and medium-severity vulnerabilities,” the company said. “Most issues have been fixed in Firefox 148, and remaining issues will be fixed in future releases.”
The AI startup said it gave its Claude models access to the entire list of vulnerabilities submitted to Mozilla and tasked the AI tool with developing working exploits for them.
The company said that despite running hundreds of tests and spending about $4,000 in API credits, Claude Opus 4.6 was only able to turn a security flaw into an exploit in two cases.
The company added that this outcome illustrates two points: first, that finding a vulnerability is cheaper than building a working exploit for it, and second, that the model is better at finding problems than at exploiting them.

“However, the fact that Claude was able to automate the development of a crude browser exploit, even in a small number of cases, is alarming,” Anthropic stressed, adding that the exploit only worked within a testing environment that intentionally removed security features such as sandboxing.
A key component of the process is a task validation tool that determines whether a candidate exploit actually works. This gives the model real-time feedback as it explores the target codebase and lets it iterate on its results until the exploit succeeds.
One such exploit created by Claude is for CVE-2026-2796 (CVSS score: 9.8), described as a just-in-time (JIT) miscompilation affecting JavaScript and WebAssembly components.
The disclosure comes weeks after the company released Claude Code Security in a limited research preview as a way to remediate vulnerabilities using AI agents.
“We cannot guarantee that all patches produced by agents that pass these tests will be sufficient to be merged immediately,” Anthropic said. “However, using a task validation tool increases confidence that the patch created fixes a specific vulnerability while preserving the functionality of the program, thus achieving what is considered the minimum requirement for a reasonable patch.”
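The validation loop described above, for exploits and for patches alike, rests on one oracle: a candidate is accepted only if the proof of concept no longer succeeds and the program's normal behaviour is preserved. The following Python harness is an added example, not Anthropic's or Mozilla's tooling, and every name in it is constructed: a toy 4-byte buffer with an out-of-bounds read, three candidate patches, and a validator that applies both checks. It also shows the failure mode a PoC-only check misses, a "patch" that disables the feature entirely.

```python
"""Constructed patch-validation harness (illustrative, not the page's code).

Two checks are applied to each candidate, mirroring the quoted 'minimum
requirement' for a reasonable patch: the proof of concept must no longer
succeed, and the program's intended behaviour must be preserved.
"""
from dataclasses import dataclass
from typing import Callable

# Constructed "memory": a 4-byte buffer immediately followed by data that
# must never be readable through the buffer API.
BUFFER_LEN = 4
MEMORY = bytearray(b"AAAA" + b"SECRET!!")

ReadFn = Callable[[int], int]


def read_vulnerable(idx: int) -> int:
    """Original code: no bounds check, so idx >= 4 reads past the buffer."""
    return MEMORY[idx]


def read_patch_disables(idx: int) -> int:
    """Candidate 1: 'fixes' the bug by refusing every read. The PoC fails,
    but so does the feature; a PoC-only validator would accept this."""
    raise RuntimeError("buffer reads disabled")


def read_patch_off_by_one(idx: int) -> int:
    """Candidate 2: bounds check with the wrong comparison (> instead of >=),
    so idx == 4 still reads one byte past the buffer."""
    if idx < 0 or idx > BUFFER_LEN:
        raise IndexError(idx)
    return MEMORY[idx]


def read_patch_correct(idx: int) -> int:
    """Candidate 3: correct bounds check."""
    if idx < 0 or idx >= BUFFER_LEN:
        raise IndexError(idx)
    return MEMORY[idx]


def poc_succeeds(read: ReadFn) -> bool:
    """Proof of concept: read the first byte past the buffer. The PoC 'works'
    only if it returns the out-of-bounds byte; any exception counts as blocked."""
    try:
        return read(BUFFER_LEN) == MEMORY[BUFFER_LEN]
    except Exception:
        return False


def functional_tests_pass(read: ReadFn) -> bool:
    """Regression tests for intended behaviour: every in-range index must
    still return the buffer byte."""
    try:
        return all(read(i) == MEMORY[i] for i in range(BUFFER_LEN))
    except Exception:
        return False


@dataclass(frozen=True)
class Verdict:
    poc_blocked: bool
    functional: bool

    @property
    def accepted(self) -> bool:
        # Both conditions are required; either one alone is not enough.
        return self.poc_blocked and self.functional


def validate(candidate: ReadFn) -> Verdict:
    """One verdict per candidate; an agent would loop on this feedback until
    accepted is True."""
    return Verdict(poc_blocked=not poc_succeeds(candidate),
                   functional=functional_tests_pass(candidate))


if __name__ == "__main__":
    for name, fn in [("vulnerable", read_vulnerable),
                     ("disables feature", read_patch_disables),
                     ("off by one", read_patch_off_by_one),
                     ("correct", read_patch_correct)]:
        v = validate(fn)
        print(f"{name:17s} poc_blocked={v.poc_blocked} "
              f"functional={v.functional} accepted={v.accepted}")
```

Only the third candidate is accepted: the unpatched code and the off-by-one fix still let the PoC read past the buffer, and the feature-disabling patch blocks the PoC but fails the regression tests. In a real pipeline the PoC would be a crash or leak reproducer run against a fresh build under a sanitizer, and the functional check would be the project's own test suite, but the accept/reject logic is the same.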
Mozilla said in a joint announcement that 90 other bugs were discovered through the AI-assisted approach, most of which have been fixed. These consisted of assertion failures, which overlapped with problems traditionally discovered by fuzzing, and a separate class of logic errors that fuzzers had failed to catch.
“The scale of our findings reflects the power of combining rigorous engineering with new analytical tools for continuous improvement,” the browser maker said. “We see this as strong evidence that large-scale AI-assisted analysis is a new addition to the security engineer’s toolbox.”
