- Anthropic‘s new AI model, Claude Opus 4.6, autonomously discovered over 500 previously unknown high-severity security flaws in widely used open-source libraries.
- The identified vulnerabilities, which have since been patched, included critical memory corruption bugs in projects like Ghostscript, OpenSC, and CGIF.
- The company validated every flaw to prevent hallucinations and emphasized the model’s ability to understand complex code logic in a way traditional security tools cannot.
On February 6, 2026, Anthropic revealed its newly launched Claude Opus 4.6 AI model had identified more than 500 high-severity vulnerabilities in critical open-source software. This discovery highlights the rapidly evolving capabilities of large language models in cybersecurity defense and offense.
The model demonstrated advanced code review skills, finding flaws without specialized prompting or custom tools. “Opus 4.6 reads and reasons about code the way a human researcher would,” the company stated, noting its ability to spot problematic patterns and logic.
Consequently, Anthropic‘s Frontier Red Team tested the model in a virtualized environment with standard tools like debuggers. The AI successfully pinpointed severe memory corruption issues that were later confirmed and patched by maintainers.
For example, it found a heap buffer overflow in the CGIF library, a flaw requiring deep understanding of the LZW algorithm. The vulnerability was fixed in version 0.5.1 after the discovery.
Meanwhile, Anthropic positions such AI as a critical tool for defenders to level the playing field. However, the company also recently confirmed its models can autonomously execute multi-stage network attacks using known flaws.
This underscores the dual-use nature of powerful AI in cybersecurity workflows. The firm said it will update safeguards and guardrails as new potential threats are discovered to prevent misuse.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
