Artificial intelligence (AI) company Anthropic has revealed that its latest large-scale language model (LLM), Claude Opus 4.6, has discovered more than 500 previously unknown high-severity security flaws in open source libraries such as Ghostscript, OpenSC, and CGIF.
Claude Opus 4.6, released Thursday, includes enhancements to coding skills such as code review and debugging capabilities, as well as enhancements to tasks such as financial analysis, research and documentation.
Anthropic said the model is “significantly better” at finding high-severity vulnerabilities without the need for task-specific tools, custom scaffolding, or special prompts, and that it leverages the model to discover and remediate vulnerabilities in open source software.
“Opus 4.6 reads and reasons about code in the same way that human researchers do; it looks at past fixes to find similar bugs that haven’t been addressed, it finds patterns that tend to cause problems, it understands parts of the logic well enough to know exactly which inputs will break it,” he added.
Before its debut, Anthropic’s Frontier Red team tested the model within a virtualized environment, giving it the necessary tools like debuggers and fuzzers to find flaws in open source projects. The goal was to evaluate the models’ out-of-the-box capabilities without providing instructions on how to use these tools or information that would help better notify vulnerabilities.
The company also said that it verified every flaw discovered to ensure it was not a hoax (i.e., an illusion), and that LLM was used as a tool to prioritize the most severe memory corruption vulnerabilities identified.
Below are some of the security flaws reported by Claude Opus 4.6. They have since been patched by their respective maintainers.
Parsing Git commit history to identify Ghostscript vulnerabilities that can cause crashes using missing bounds checks Identifying OpenSC buffer overflow vulnerabilities by searching for function calls such as strrchr() and strcat() CGIF heap buffer overflow vulnerability (fixed in version 0.5.1)
Anthropic said the CGIF bug is “particularly interesting because triggering this vulnerability requires a conceptual understanding of the LZW algorithm and how it relates to the GIF file format.” “Traditional fuzzers (and even coverage-guided fuzzers) have a hard time introducing these kinds of vulnerabilities because they require specific branches to be selected.”
“In fact, even if CGIF covered 100% of circuits and branches, this vulnerability could still go undetected. It requires a very specific sequence of operations.”
The company touts AI models like Claude as important tools for defenders to “level the playing field.” But it also emphasized adjusting and updating security measures as potential threats are identified and installing additional guardrails to prevent abuse.
This disclosure comes weeks after Anthropic said its current Claude model can successfully mount a multi-stage attack against a network containing dozens of hosts by finding and exploiting known security flaws using only standard open source tools.
“This shows how quickly barriers to the use of AI in relatively autonomous cyber workflows are being removed, and highlights the importance of security fundamentals such as rapid patching of known vulnerabilities.”
Source link
