Overview
- Mozilla validated Anthropic’s reports, assigned 22 CVEs, and shipped the fixes to users in Firefox 148.
- Anthropic’s Claude Opus 4.6 surfaced 22 flaws in roughly two weeks in January, with 14 classified as high severity—nearly a fifth of 2025’s high-severity fixes.
- The effort scanned nearly 6,000 C++ files and yielded 112 unique submissions with minimal test cases that accelerated Mozilla’s triage.
- The model also uncovered distinct logic errors that fuzzers had missed and about 90 other bugs, most of which are now resolved.
- Exploit-development trials succeeded only twice in unsandboxed test setups after several hundred attempts and about $4,000 in API spend, as Anthropic detailed a task-verifier method and Mozilla began integrating AI analysis into its workflow.