Anthropic has revealed that its Claude Opus 4.6 model identified 22 previously unknown security vulnerabilities in Mozilla Firefox during a collaborative security effort with Mozilla. The findings come from a focused two-week research exercise carried out in January 2026. The vulnerabilities were fixed in Firefox 148, released late last month, with further fixes scheduled for upcoming releases of the browser. The effort illustrates how advanced AI models are increasingly being applied to large-scale software security analysis, assisting human researchers in finding flaws across complex codebases.
According to Anthropic, the vulnerabilities uncovered during the project spanned a range of severities: 14 were classified as high severity, seven as moderate, and one as low. The high severity findings alone amount to nearly one fifth of all high severity flaws patched in Firefox during 2025. During the analysis the model scanned thousands of files in the browser's codebase, concentrating on components written in C++. By the end of the exercise it had examined close to 6,000 C++ files and produced 112 unique vulnerability reports, among them the high and moderate severity issues highlighted above.
One of the early discoveries made by the AI system involved a use after free bug within the browser’s JavaScript engine. Anthropic stated that the model located the flaw within approximately twenty minutes of exploring the codebase. After the issue was identified, a human security researcher reviewed and validated the finding in a controlled virtualized testing environment to ensure that the report was accurate and not a false positive. The company explained that this combination of automated analysis and human verification played a key role in confirming the legitimacy of the vulnerabilities before they were submitted to Mozilla for remediation.
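To make the class of bug concrete, the following added illustration (not Firefox code, and not the bug Anthropic reported; the object and callback names are hypothetical) shows the lifetime mistake behind a typical engine use-after-free next to a reference-counted fix. An engine object is handed to a pending callback as a raw pointer, the owner frees it, and the callback dereferences the dangling pointer. The human validation step mentioned above corresponds to running the vulnerable path under a memory sanitizer in an isolated environment; the sanitizer flag used here is an assumption about how that validation is done, not something the article states.

```c
/* Added example: a use-after-free pattern and its refcounted fix.
 * Hypothetical types; not Firefox/SpiderMonkey code and not the
 * reported bug. Build the checker with: cc -g -fsanitize=address uaf.c */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef struct JSObj {
    int  refs;        /* reference count, honoured only by the fixed path */
    char name[16];
    int  value;
} JSObj;

/* A pending callback that holds a pointer to an engine object. */
typedef struct Callback {
    JSObj *target;
} Callback;

static JSObj *obj_new(const char *name, int value) {
    JSObj *o = calloc(1, sizeof *o);
    if (!o) abort();
    o->refs = 1;
    strncpy(o->name, name, sizeof o->name - 1);
    o->value = value;
    return o;
}

static void obj_retain(JSObj *o) { o->refs++; }
static void obj_release(JSObj *o) { if (--o->refs == 0) free(o); }

/* VULNERABLE: the callback only borrows the pointer. When the owner
 * releases the object, the callback still reads through it. Under
 * AddressSanitizer this reports heap-use-after-free. Never call this
 * outside an isolated test environment. */
static int run_vulnerable(void) {
    JSObj *o = obj_new("promise", 42);
    Callback cb = { o };
    free(o);                  /* owner drops the object */
    return cb.target->value;  /* dangling read */
}

/* FIXED: the callback takes its own reference, so the object cannot be
 * freed while the callback can still reach it. */
static int run_fixed(void) {
    JSObj *o = obj_new("promise", 42);
    Callback cb = { o };
    obj_retain(cb.target);    /* refs == 2: callback co-owns the object */
    obj_release(o);           /* owner lets go: refs == 1, still alive */
    int v = cb.target->value; /* valid read */
    obj_release(cb.target);   /* last reference: freed here, once */
    return v;
}

int main(int argc, char **argv) {
    printf("fixed path returned %d\n", run_fixed());
    /* Only exercise the dangling read on request, under a sanitizer. */
    if (argc > 1 && strcmp(argv[1], "--uaf") == 0)
        printf("vulnerable path returned %d\n", run_vulnerable());
    return 0;
}
```

Running the binary with no arguments exercises only the fixed path; `./a.out --uaf` under AddressSanitizer produces the heap-use-after-free report that a triager would expect to see before accepting a report as a true positive.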
Beyond identifying vulnerabilities, Anthropic also tested whether the model could turn discovered flaws into functional exploits. For this stage, Claude Opus 4.6 was given the full list of vulnerabilities previously submitted to Mozilla and asked to produce working exploit code. The tests were run several hundred times and consumed roughly $4,000 in API credits. Despite the repeated attempts, the model produced a working exploit in only two cases. According to Anthropic, this indicates that finding vulnerabilities is currently much easier for AI systems than writing reliable exploits, and that the cost and complexity of exploit development remain well above those of detection.
The company also noted that the model's ability to generate even limited exploit code raised some concerns. The successful exploits worked only inside Anthropic's test environment, and certain protections such as sandboxing were intentionally disabled there to allow deeper testing, so the results do not show an exploit succeeding against a default, sandboxed Firefox build. One example was an exploit generated for CVE-2026-2796, which carries a CVSS score of 9.8 and was described as a just-in-time (JIT) miscompilation issue in the browser's JavaScript WebAssembly component. During testing the model relied on a built-in task verifier that continuously checked whether the generated exploit code was functioning correctly. That feedback let the model refine its approach as it worked through the codebase until a working exploit was produced.
The disclosure comes shortly after Anthropic introduced Claude Code Security in a limited research preview. The project explores how AI agents can assist developers in identifying and fixing software vulnerabilities. According to the company, task verification systems help evaluate whether AI generated patches effectively resolve a security issue while preserving the intended functionality of the application. While such patches still require human review before integration into production code, the verification process increases confidence that a proposed fix addresses the specific vulnerability it was designed to resolve.
Mozilla also commented on the collaboration, noting that AI-assisted analysis uncovered a further 90 bugs beyond the 22 vulnerabilities highlighted in the report. Many of these were assertion failures that overlapped with issues traditionally found by fuzzing, while others were logic errors that automated fuzzing had not identified. Mozilla stated that combining traditional engineering practices with advanced analysis tools such as AI-driven code review can significantly improve a security team's ability to find and fix weaknesses in large software projects.