Despite claims of groundbreaking AI-powered vulnerability discovery, the actual number of bugs found through Anthropic's Project Glasswing remains unclear, with researchers only able to confirm a handful of potential discoveries.
Anthropic's ambitious Project Glasswing, which aims to leverage its Mythos AI model to discover security vulnerabilities before malicious actors can exploit them, remains shrouded in uncertainty regarding its actual impact on cybersecurity.
When Anthropic unveiled its Mythos Preview model on April 7, the company made bold claims about its capabilities. The AI system was described as capable of finding and developing exploits for zero-day vulnerabilities "in every major operating system and every major web browser." The company warned that releasing such a powerful tool publicly would cause "mass chaos and break the internet as we know it."
Instead of unleashing this potential chaos, Anthropic opted for a controlled approach through Project Glasswing, inviting approximately 50 industry partners to test the system. The participant list reads like a who's who of tech: Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, Nvidia, Palo Alto Networks, and Intel, among others.
However, when security researcher Patrick Garrity from VulnCheck attempted to quantify the program's success by examining the CVE database, he encountered significant ambiguity. His search for CVE records containing "Anthropic" from February onward yielded 75 results, but only 40 could potentially be linked to Project Glasswing.
These 40 potential Glasswing discoveries break down by affected product as follows:
- 28 CVEs in Mozilla's Firefox browser
- 9 in the wolfSSL embedded SSL/TLS library
- 1 in F5's NGINX Plus application delivery platform
- 1 each in FreeBSD and OpenSSL
Garrity noted that these vulnerabilities are credited to three distinct sources: the core Anthropic research team, individual researcher Nicholas Carlini, and Calif.io, an independent security research firm running a program called MADBugs that collaborates with Claude and Anthropic Research.
Only one vulnerability can be definitively tied to Project Glasswing: CVE-2026-4747, a remote code execution bug in FreeBSD. This vulnerability, described by Anthropic as a "17-year-old remote code execution vulnerability" that allows root access on machines running NFS, was discovered and exploited "fully autonomously" by Mythos Preview.
Anthropic has also claimed that Mythos Preview discovered other significant vulnerabilities, including a 27-year-old bug in OpenBSD, a 16-year-old FFmpeg bug, and Linux kernel privilege escalation chains. However, none of these have been assigned CVEs, making verification impossible.
Garrity suggests that Anthropic could improve transparency by creating a dedicated security advisory page for consistent publication of vulnerability disclosures. This would help the security community understand exactly what vulnerabilities have been discovered through the research team and Project Glasswing.
The full impact of Project Glasswing won't be clear until Anthropic releases its promised public summary report, expected around July 2026. Until then, the security community is left with more questions than answers about whether this AI-powered approach to vulnerability discovery represents a genuine breakthrough or merely sophisticated marketing.
The situation highlights a broader challenge in the AI security space: how to verify and quantify the capabilities of AI systems that claim to revolutionize cybersecurity. As companies race to develop AI-powered security tools, the need for transparent reporting and verifiable results becomes increasingly critical.
The stakes are high. If Mythos Preview truly can find vulnerabilities across every major operating system and web browser, the implications for both defensive and offensive cybersecurity are profound. But without clear evidence and transparent reporting, the security community must remain skeptical of extraordinary claims.

