Anthropic says it found a heap of Firefox security flaws using new Claude tools, says 'AI is making it possible to detect severe security vulnerabilities at highly accelerated speeds'


  • Anthropic Claude Opus 4.6 uncovers 22 Firefox security flaws
  • Mozilla confirmed 14 high-severity vulnerabilities patched in Firefox 148
  • AI model demonstrated accelerated, human-like vulnerability detection

Anthropic says it found almost two dozen vulnerabilities in the latest version of Mozilla’s Firefox browser, including a few that could have caused serious damage.

In a new blog post, Anthropic said it teamed up with Mozilla’s researchers and, over the course of a couple of weeks, scanned almost 6,000 C++ files using Claude Opus 4.6.

Opus 4.6 is the latest version of Anthropic’s most powerful large language model (LLM). It was released in early February 2026 and has been advertised as a must-have tool in every cyber defender’s arsenal, with Anthropic claiming it is “notably better” at finding high-severity vulnerabilities.


Major success

After analyzing popular open source repositories and finding more than 500 flaws, Anthropic set its sights on Firefox, mostly because it is “both complex and one of the most well-tested and secure open-source projects in the world.” In other words, it really wanted to prove a point by picking a product that’s generally considered large and safe.

The team ran the experiment for two weeks, and in that timeframe, Opus 4.6 managed to find 22 vulnerabilities. Mozilla labeled 14 of them as high severity. Anthropic submitted a total of 112 unique reports, most of which were addressed in Firefox 148. The remainder will be fixed in upcoming releases, it was said.

Anthropic is framing this as a major success, saying Opus 4.6 uncovered in two weeks roughly a fifth as many high-severity vulnerabilities as Mozilla fixed during all of 2025.

“AI is making it possible to detect severe security vulnerabilities at highly accelerated speeds,” they said. Earlier, Anthropic said Opus 4.6 stood out with the way it found vulnerabilities “out of the box without task-specific tooling, custom scaffolding, or specialized prompting.”

It also added that, unlike fuzzing, which is a standard vulnerability hunting technique, Opus works by reasoning about the code “the way a human researcher would”, meaning it looks at past fixes to find similar bugs that weren’t addressed, spots patterns that tend to cause problems, and understands logic “well enough to know exactly what input would break it.”


Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
