
Tony Kim
Mar 06, 2026 11:13
Claude Opus 4.6 found 14 high-severity Firefox bugs, nearly a fifth of all critical vulnerabilities fixed in 2025. Mozilla shipped fixes to hundreds of millions of users.
Anthropic’s Claude Opus 4.6 identified 22 security vulnerabilities in Mozilla Firefox over a two-week period, with 14 classified as high-severity—representing nearly a fifth of all critical Firefox bugs remediated throughout 2025. The findings have already been patched in Firefox 148.0, protecting hundreds of millions of users.
The collaboration marks a significant milestone in AI-assisted security research. Within twenty minutes of initial exploration, Claude discovered a Use After Free vulnerability in Firefox’s JavaScript engine—a memory flaw that could allow attackers to inject malicious code. By the time Anthropic researchers validated and submitted that first bug, the AI had already flagged fifty more unique crashing inputs.
Speed That Human Researchers Can’t Match
Anthropic scanned nearly 6,000 C++ files and submitted 112 unique reports to Mozilla’s Bugzilla tracker. The company chose Firefox specifically because it’s one of the most rigorously tested open-source projects in existence—making it a harder benchmark than typical targets.
“Browser vulnerabilities are particularly dangerous because users routinely encounter untrusted content and depend on the browser to keep them safe,” Anthropic noted in their announcement. The JavaScript engine presented an especially critical attack surface since it processes external code whenever someone browses the web.
Mozilla’s security team adapted their processes mid-collaboration, eventually encouraging Anthropic to submit findings in bulk without manually validating each one. Fixes for most of the issues shipped in Firefox 148, with the remaining patches coming in future releases.
The Exploitation Gap—For Now
Here’s where it gets uncomfortable. Anthropic also tested whether Claude could actually exploit the bugs it discovered. After spending roughly $4,000 in API credits across several hundred attempts, Opus 4.6 successfully developed working exploits in two cases—crude ones that only functioned in test environments with security features disabled, but functional nonetheless.
The AI proved far better at finding vulnerabilities than weaponizing them. That’s good news for defenders, but Anthropic isn’t sugarcoating the trajectory: “Looking at the rate of progress, it is unlikely that the gap between frontier models’ vulnerability discovery and exploitation abilities will last very long.”
What This Means for the Industry
The partnership comes amid Mozilla’s broader push to counter AI industry giants. In late January 2026, Mozilla announced plans to deploy roughly $1.4 billion through Mozilla Ventures to fund AI startups focused on safety and transparency—positioning itself as a “rebel alliance” against closed-source AI dominance. Mozilla Ventures has already backed over 55 companies since launching in 2022.
Anthropic, meanwhile, closed a $30 billion Series G round in February 2026 at a $380 billion valuation, giving it substantial resources to expand cybersecurity initiatives. The company has already used Claude to discover vulnerabilities in other major projects including the Linux kernel.
For developers, the message is blunt: this window where AI finds bugs faster than it exploits them won’t stay open indefinitely. Anthropic plans to expand its security work significantly, including direct outreach to open-source maintainers and a new Claude Code Security tool currently in limited preview. They’re also hiring security researchers to scale these efforts.
Mozilla engineers have started experimenting with Claude internally for their own security testing—a telling sign of where browser security is headed.

