Project Glasswing Has Uncovered 10,000 Vulnerabilities: Anthropic
CSO Online, Monday, May 25th, 2026
Anthropic's Project Glasswing AI initiative uncovered 10,000 critical vulnerabilities in open-source and partner software, revealing a major patching capacity crisis.
Anthropic announced that Project Glasswing, leveraging its Claude Mythos Preview AI model, has discovered approximately 10,000 critical or high-severity vulnerabilities across over 1,000 open-source projects and 50+ partner organizations. Of the 6,202 vulnerabilities found in open-source code, independent security firms validated 1,587 as true positives, with 1,094 confirmed as high or critical severity.
However, the initiative has revealed a critical bottleneck: while AI can rapidly discover vulnerabilities, the cybersecurity industry lacks sufficient human capacity to triage, patch, and deploy fixes, forcing organizations to rethink their patching strategies beyond traditional quarterly cycles. Open-source maintainers have reported being overwhelmed by the volume of disclosures, requesting Anthropic slow its reporting rate due to capacity constraints.