Anthropic and Mozilla officially revealed the results of a groundbreaking two-week security audit of the Firefox browser. Using the latest Claude Opus 4.6 model, Anthropic discovered 22 distinct security vulnerabilities in just 14 days.
The findings have been hailed as a major milestone for AI in cybersecurity, as Claude managed to find more high-severity bugs in two weeks than were typically reported from all sources in a single month during 2025.
Key Findings: The “22 CVE” Audit
The audit focused on Firefoxโs most complex and mission-critical components, primarily its JavaScript and WebAssembly engines.
| Metric | Result |
| Total Security Bugs Found | 22 (All issued unique CVEs) |
| High-Severity Bugs | 14 (Nearly 20% of 2025’s total high-severity count) |
| Non-Security Bugs | 90 additional verified crashing inputs/logic errors |
| Files Scanned | ~6,000 C++ files |
| Audit Duration | 14 days (February 2026) |
| Estimated Cost | $4,000 in API credits |
- The 20-Minute Breakthrough: Within just 20 minutes of beginning its analysis of the JavaScript engine, Claude identified its first Use-After-Free (UAF) vulnerabilityโa severe memory flaw often used for remote code execution.
- Superior Quality: Mozilla engineers described the AIโs reports as “better even than our usual internal and external fuzzing bugs,” specifically because Claude provided minimal, reproducible test cases that allowed for instant verification.
Defensive Advantage vs. Exploitation Gap
Anthropic researchers also tested whether Claude could “weaponize” the bugs it found. The results provided a temporary sigh of relief for the cybersecurity community.
- Finding vs. Fixing: Claude was exceptionally good at finding vulnerabilities but struggled to write working exploits. Out of hundreds of attempts, it successfully generated only two working exploits.
- Mitigating Factors: These exploits only worked in a “lab” environment where modern browser security features (like sandboxing) were manually disabled. In a real-world scenario, Firefox’s existing architecture would have mitigated them.
- The “Window” Warning: Anthropic warned that this “defensive advantage” is likely temporary. As models improve, the gap between finding a bug and exploiting it will likely narrow, necessitating new safeguards.
Impact and Availability
- Patches Deployed: Mozilla has already integrated fixes for the vast majority of these 22 vulnerabilities into Firefox 148.0, which was released to hundreds of millions of users on February 24, 2026.
- Claude Code Security: Following the success of this audit, Anthropic launched Claude Code Security (currently in limited preview), a tool that allows developers to run reasoning-based security reviews on their own codebases directly from the CLI or GitHub Actions.
Context: The “Supply Chain Risk” Designation
Paradoxically, this announcement comes just 24 hours after the U.S. Department of War designated Anthropic as a “supply chain risk” (March 5, 2026). While Anthropic is using its AI to harden open-source infrastructure like Firefox and the Linux kernel, the Trump administration has cited concerns over the company’s refusal to remove “safety red lines” as a threat to national security.
