The headline number from Anthropic’s Project Glasswing progress report isn’t the vulnerability count. It’s the implication behind it.
According to Anthropic’s first-month progress report, Claude Mythos Preview, the company’s restricted agentic AI system, reportedly scanned more than 1,000 open-source projects and identified approximately 6,202 high- or critical-severity vulnerabilities within that subset. Across all project categories, Anthropic reports the total figure exceeds 10,000. The primary source for these figures, Anthropic’s official announcement, was unavailable for direct verification at publication time; all metrics are attributed to Anthropic’s own reporting and should be treated as such.
The catch is this: finding the bugs took Claude Mythos Preview weeks. Coordinating disclosure, triaging severity, assigning patches, and pushing fixes will take human teams months, or longer. According to reporting corroborated by Anthropic’s security research division, Mythos Preview ran “a thousand runs through our scaffold” on a single critical OpenBSD vulnerability before surfacing it. That methodology doesn’t slow down as the queue grows. Human patch workflows do.
That’s the structural shift. AI vulnerability discovery has become faster than human vulnerability remediation. Glasswing is the first large-scale evidence of that gap at production scale.
Warning
A minor discrepancy in CVE attribution between Anthropic's progress report and Palo Alto Networks' PSIRT portal has not been publicly resolved. At this scale of vulnerability discovery, attribution inconsistencies compound into triage problems. Both organizations should be consulted for comment before specific CVE counts are treated as definitive.
The coalition Anthropic assembled to manage this is substantial. Approximately 50 organizations reportedly participate; named partners include Microsoft, Amazon, CrowdStrike, Palo Alto Networks, and JPMorgan Chase, according to Anthropic. Cloudflare reportedly found 2,000 bugs across its critical-path systems, with 400 classified as high or critical severity, per figures included in Anthropic’s progress report. No independent Cloudflare confirmation of these figures was available at publication time.
Context matters here. Project Glasswing launched in May 2026 with an explicit access-control architecture: Mythos-class models would reach a vetted partner coalition before any general availability. The UK AISI evaluated Claude Mythos Preview, completing the “Cooling Tower” cybersecurity benchmark, the first formal third-party assessment of Mythos’s offensive security capabilities. Today’s progress report is the first data on what the model actually did at scale inside production infrastructure.
What comes next matters more than what’s already happened. Anthropic has reportedly committed to expanding Glasswing access to U.S. and allied governments before making Mythos-class models broadly available. That sequencing (partners, then governments, then general release) is a governance model, not just a rollout plan. It’s Anthropic’s answer to the question of what happens when AI finds more critical vulnerabilities than the security industry can responsibly disclose.
What to Watch
Don’t expect the coordination burden to ease without structural changes. A minor discrepancy in CVE attribution between Anthropic’s progress report and Palo Alto Networks’ PSIRT portal hasn’t been publicly resolved. At 10,000+ open vulnerabilities, even small attribution inconsistencies compound into triage problems.
Security teams outside the Glasswing coalition should treat this report as a planning signal. AI-generated CVE disclosures are coming, from inside and outside any vetted partnership. Build the intake process before you need it.