
The Anthropic team, using the AI model Claude, identified 22 vulnerabilities in the Firefox browser, 14 of which were classified by Mozilla, the developer company, as high severity.
We partnered with Mozilla to test Claude’s ability to find security vulnerabilities in Firefox.
Opus 4.6 found 22 vulnerabilities in just two weeks. Of these, 14 were high-severity, representing a fifth of all high-severity bugs Mozilla remediated in 2025.
— Anthropic (@AnthropicAI) March 6, 2026
This figure accounts for approximately one-fifth of similar issues discovered in the popular web browser throughout 2025.
Researchers at Anthropic used Claude Opus 4.5 over two weeks to search for vulnerabilities in Firefox. The team explained their choice of browser for the experiment, noting it is one of the most tested and secure open-source projects with a high level of complexity.
Initially, developers focused their efforts on the JavaScript engine, as it can be analyzed in isolation, before expanding the model’s work to other parts of the codebase.
After just 20 minutes of research, Claude reported finding a Use After Free vulnerability, which allows attackers to replace data with arbitrary content.
In total, the LLM scanned nearly 6,000 C++ code files and submitted 112 problem reports. Most of these were fixed by the browser team in Firefox version 148, released in February. Patches for the remaining issues will be included in future releases.
According to Anthropic specialists, after the collaboration, Mozilla researchers began independently experimenting with using Claude for security purposes.
The AI company acknowledged that the model proved more effective at finding vulnerabilities than attempting to exploit them. Developers asked Claude to demonstrate a real attack via the Use After Free vector.
“We conducted this test several hundred times with different starting points, spending about $4,000 on API credits. Despite this, Opus 4.6 was able to turn a vulnerability into an exploit only twice,” they stated.
Anthropic noted that this situation currently gives an advantage to cybersecurity specialists using AI. However, the fact that the LLM managed to create primitive malware “raises concerns.”
In February, vibe-coding through Claude Opus 4.6 led to the hacking of the Moonwell DeFi project, resulting in a $1.78 million loss.
