What cybersecurity vulnerabilities has Claude Mythos Preview discovered?

Claude Mythos Preview has discovered thousands of cybersecurity vulnerabilities across all major operating systems and web browsers, including particularly significant zero-day exploits. Among its most notable findings is a 27-year-old bug in OpenBSD, an operating system renowned for its strong security posture. Even more impressive, the model autonomously identified and exploited a 17-year-old remote code execution vulnerability in FreeBSD (CVE-2026-4747) that allows unauthenticated users anywhere on the internet to gain complete control of servers running NFS. According to Nicholas Carlini from Anthropic's research team, the model demonstrates sophisticated capabilities to chain together multiple vulnerabilities—sometimes three to five in sequence—to achieve complex exploitation outcomes. These discoveries emerged not from specialized cybersecurity training, but as a downstream consequence of general improvements in the model's code understanding, reasoning, and autonomy capabilities. The same advancements that make Mythos Preview effective at patching vulnerabilities also make it exceptionally skilled at finding and exploiting them.

📖 Read the full article: Anthropic keeps new AI model private after it finds thousands of external vulnerabilities