Anthropic Claude Mythos finds 10,000+ zero-days

- Anthropic said on April 7 that its Claude Mythos Preview model was being deployed in Project Glasswing to help secure critical software.
- Anthropic said Mythos Preview identified and exploited zero-day vulnerabilities in every major operating system and web browser, with more than 99% unpatched.
- Anthropic said Project Glasswing includes launch partners including AWS, Apple, Cisco, Google, Microsoft and Palo Alto Networks.

Anthropic’s claim that Claude Mythos Preview found more than 10,000 potential zero-day vulnerabilities did not originate only in an X post on May 23. Anthropic had already published a broader account on April 7 through its Project Glasswing announcement and a technical post on its red-team site, saying the model had identified thousands of previously unknown flaws across critical software. The company did not publish a public list of the vulnerabilities, and it said most remained unpatched under a coordinated disclosure process. The X post appears to be amplifying that disclosure rather than introducing a standalone report.

Anthropic’s public materials describe Claude Mythos Preview as a gated research model for defensive security work, not a general release product, and say the company is working with launch partners and other infrastructure organizations.

### Where did the “10,000+ zero-days” claim come from?

(anthropic.com) Anthropic’s Project Glasswing page says Claude Mythos Preview had already identified “thousands of zero-day vulnerabilities across critical infrastructure” when the initiative was announced on April 7. A technical post published the same day on red.anthropic.com says the model was capable of identifying and exploiting zero-day vulnerabilities in every major operating system and every major web browser during testing. (anthropic.com)

The May 23 social post used a larger figure — more than 10,000 — but Anthropic’s official pages available here do not show that exact number in the lines retrieved. What Anthropic has publicly and directly documented is the broader “thousands” claim, plus the scope across major operating systems, browsers and other critical software.

### What has Anthropic actually published?

Anthropic’s April 7 technical post names more than two dozen authors, including Nicholas Carlini, Newton Cheng, Keane Lucas, Michael Moore, Milad Nasr and Ben Buchanan.
(anthropic.com) The post says Anthropic is “limited in what we can report here” because more than 99% of the vulnerabilities it found had not yet been patched. The same post says many of the bugs were old, including what Anthropic described as a now-patched 27-year-old OpenBSD flaw. (anthropic.com)

Anthropic framed the work as part of a coordinated vulnerability disclosure process, which explains why technical details and exploit writeups are not public.

### Why aren’t there technical details or a patch timeline?

Anthropic said on April 7 that disclosing details on unpatched flaws would be irresponsible. (red.anthropic.com) The company said more than 99% of the vulnerabilities it found were still unpatched at that point, and that only a small fraction could be discussed publicly.

That leaves key unanswered questions. Anthropic’s public materials do not, in the passages reviewed here, provide a vulnerability-by-vulnerability count, a full vendor list, CVE identifiers, or a public remediation schedule. (red.anthropic.com) The absence of those details means outsiders can verify the existence of the program and Anthropic’s general claims, but not independently audit the full “10,000+” figure from the social post.

### Who is involved in Project Glasswing?

Anthropic’s Project Glasswing page lists Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA and Palo Alto Networks as launch partners. Anthropic also said it had extended access to more than 40 additional organizations that build or maintain critical software infrastructure. (anthropic.com)

Anthropic said it was committing up to $100 million in usage credits and $4 million in donations to open-source security organizations to support the effort. The company said participants were using Mythos Preview for defensive security work and that it would share lessons from the project with the broader industry.

### What can be said with confidence right now?

Anthropic has publicly documented that Claude Mythos Preview is a real research model, that Project Glasswing is a real initiative launched on April 7, 2026, and that the company says the model found thousands of zero-days across major software targets. (anthropic.com) Anthropic has also publicly said that more than 99% of those vulnerabilities were still unpatched when it published its technical note. The narrower May 23 claim that the model found “10,000+” zero-days should be treated as unverified beyond that social amplification unless Anthropic or named partner organizations publish a fuller accounting. The next place to watch is Anthropic’s Project Glasswing page, its red-team research site and any vendor disclosures tied to patches or coordinated advisories. (anthropic.com)