Mythos finds 10,000 critical bugs in a month, but only 75 patched

10,000 vs. 75.

Those are the two most striking numbers in Anthropic's first-month report on Project Glasswing, released Friday (May 22). Over the past month, Claude Mythos Preview, working with 50 partner organizations, unearthed more than 10,000 high-severity and critical software vulnerabilities—but only 75 have actually been patched.

The key issue isn't how many were found, but how few were fixed.

By the numbers

Anthropic itself scanned over 1,000 open-source projects with Mythos, identifying 23,019 vulnerabilities, of which 6,202 were high-severity or critical. Cloudflare ran its own scan and found over 2,000, including 400 high-severity. Mozilla fixed 271 vulnerabilities in a single Firefox 150 release—more than 10 times the number fixed in Firefox 148.

The 50 partner organizations include a first tier of 12 well-known names: AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan, Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks. More than 40 second-tier participants also support critical infrastructure.

Together, these numbers represent the real attack surface systematically scanned by modern AI over the past month.

  • 1,000+ open-source projects scanned by Anthropic
  • 23,019 total vulnerabilities found in open-source code
  • 6,202 high-severity or critical among them
  • 2,000 vulnerabilities found by Cloudflare in its own systems
  • 271 vulnerabilities fixed in a single Firefox 150 release
  • 530 high-severity and critical vulnerabilities formally reported by Anthropic to maintainers
  • 75 actually patched

The patch bottleneck

Anthropic itself acknowledges this. The blog post states:

"Progress on software security used to be limited by how quickly we could find new vulnerabilities. Now it's limited by how quickly we can verify, disclose, and patch."

In plain terms: previously we couldn't find them; now we can't fix them fast enough.

Anthropic formally reported 530 high-severity and critical vulnerabilities to maintainers. As of the first-month report, only 75 had been patched, and only 65 had a public security advisory. The funnel narrows at every stage: 530 → 75 → 65.

More awkwardly, some maintainers have already asked Anthropic to slow down the reporting—"don't send too many at once." Small and medium open-source projects simply lack the manpower to verify, fix, test, and regress each vulnerability.

A race against time

Microsoft Vice President Igor Tsyganskiy offered a stark comment in the partner remarks:

"What once took months now happens in minutes."

The window from vulnerability discovery to exploitation has shrunk from months to minutes. That's why the number 75 sends a chill down the spine. If capabilities like Mythos soon fall into the hands of attackers—which is likely only a matter of time—the timeline becomes:

  • Finding vulnerabilities: minutes, with AI automated scanning
  • Writing exploit code: minutes, with AI generating proof-of-concept code
  • Notifying maintainers: days
  • Patching vulnerabilities: weeks, months, or even longer

Palo Alto Networks CTO Lee Klarich put it bluntly:

"Mythos Preview is a game changer."

But his next sentence is more telling: "Attackers will soon be able to find vulnerabilities faster than ever before."

Where the money goes

Anthropic has invested in Project Glasswing as follows:

  • $100 million: model usage credits for partner organizations
  • $2.5 million: to Alpha-Omega and OpenSSF (via Linux Foundation)
  • $1.5 million: to the Apache Software Foundation

The message is clear: model usage is free, but open-source maintainers need funding. $100 million sounds like a lot, but split among 50 partners, that's $2 million each—and the workload generated by the discovered vulnerabilities is far beyond what the open-source side can handle.

Linux Foundation's Jim Zemlin described Project Glasswing as providing open-source maintainers "a credible path"—the path is given, but they still have to run it themselves.

What it means

In the short term, from the second half of this year into next, the number of patches from major companies will continue to rise. Microsoft has already said "patch packages will continue to grow." Oracle is also accelerating patch releases, several times faster than before. Firefox 150 fixed 271 vulnerabilities; Firefox 151 will likely fix even more.

In the medium term, the issue of "maintainer burnout" in the open-source ecosystem will be pushed to the forefront. A volunteer-maintained npm package that used to release one patch per year might now receive 30 Mythos reports. They can't fix them all. Deciding which to fix first, which later, and which to ignore will become a new political problem.

In the long term, Project Glasswing reveals a deeper truth: AI has slashed the cost of discovery to the bone, but the cost of fixing—engineering and organizational overhead—won't automatically decrease as models improve. The next decade of cybersecurity won't be about whose AI can find more vulnerabilities, but whose engineering team can turn more "to-do" vulnerabilities into "fixed."

10,000 vs. 75. That ratio is the exam question for the next phase.

Sources: Project Glasswing: An Initial Update (Anthropic Research); Anthropic finds over 10,000 software flaws in first month of Project Glasswing (Interesting Engineering); Anthropic's Glasswing — 10,000 Vulnerabilities Found in One Month, and the Patching Problem Has Never Been More Obvious (Security Affairs); CocoLoop