Anthropic's Claude Discovers 22 Security Vulnerabilities in Firefox in Two-Week Security Audit
Models & Research March 8, 2026 📍 San Francisco, United States Research Review


In a groundbreaking AI-driven security initiative, Claude Opus 4.6 identified 14 high-severity bugs in Firefox's C++ codebase — outpacing global human bug discovery rates — during a partnership with Mozilla.



Anthropic's Claude Opus 4.6 has demonstrated the practical potential of AI in cybersecurity by identifying 22 previously unknown security vulnerabilities in Mozilla's Firefox browser during a two-week testing period in January 2026. The initiative, conducted as a formal security partnership between Anthropic and Mozilla, yielded results that significantly exceeded human bug-discovery benchmarks.

Discovery Rate Exceeds Global Human Baselines

Mozilla confirmed that Claude's discovery rate was exceptional: the AI model uncovered more high-risk Firefox bugs in two weeks than are typically reported globally across two months through all combined channels, including Mozilla's own bug bounty program, internal QA, and open-source community contributions.

Of the 22 vulnerabilities identified, 14 were classified as high-severity, 7 as moderate, and 1 as low-severity. The AI model scanned nearly 6,000 C++ files across the Firefox codebase, generating 112 unique reports that were submitted directly to Mozilla's Bugzilla issue tracker.

A Use-After-Free Bug in 20 Minutes

Perhaps the most striking result was Claude's detection of a use-after-free vulnerability in Firefox's JavaScript engine — a class of bug that can enable remote code execution and is considered among the most dangerous in browser security. The AI identified this vulnerability within just 20 minutes of analysis, a finding that was subsequently verified by a human security researcher.

Use-after-free bugs occur when a program keeps using memory through a pointer after that memory has been freed. Because the freed block can later be reallocated and filled with attacker-chosen data, a dangling pointer can become a path to arbitrary code execution. In browser contexts these vulnerabilities are particularly critical because the JavaScript engine processes untrusted input by design, so they can be triggered simply by visiting a malicious web page.
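To make the bug class concrete, here is an added example (not Firefox or Anthropic code) that shows the use-after-free pattern described above next to a reference-counted fix of the kind browser engines rely on; Firefox's RefPtr/AddRef/Release discipline is the real-world analogue, while the `Node` type and the `node_*` helpers here are constructed purely for illustration.

```c
/* Added example (not Firefox or Anthropic code): the use-after-free pattern
 * described above, next to a reference-counted fix in the style browser
 * engines use (Firefox's RefPtr/AddRef/Release is the real-world analogue;
 * the Node type and helpers here are constructed for illustration). */
#include <stdio.h>
#include <stdlib.h>

typedef struct Node {
    int refcnt;   /* number of live owners of this object */
    int value;
} Node;

/* Vulnerable pattern: a second, non-owning pointer is read after the owner
 * freed the block. This is undefined behaviour; under AddressSanitizer
 * (-fsanitize=address) it is reported as heap-use-after-free. Kept here for
 * contrast only and never called by the safe paths below. */
int vulnerable_use_after_free(void) {
    Node *n = malloc(sizeof *n);
    if (n == NULL) return -1;
    n->value = 42;
    Node *alias = n;        /* non-owning alias, not tracked anywhere */
    free(n);                /* owner releases the memory ... */
    return alias->value;    /* ... but the alias still dereferences it */
}

/* Hardened pattern: every holder takes a reference, and releasing also
 * clears the caller's pointer so no dangling copy is left behind. */
Node *node_new(int value) {
    Node *n = malloc(sizeof *n);
    if (n == NULL) return NULL;
    n->refcnt = 1;          /* creator holds the first reference */
    n->value = value;
    return n;
}

Node *node_addref(Node *n) {
    n->refcnt++;
    return n;
}

void node_release(Node **np) {
    Node *n = *np;
    *np = NULL;             /* caller's pointer is no longer usable */
    if (n != NULL && --n->refcnt == 0)
        free(n);            /* last owner gone: safe to free */
}

int node_refcount(const Node *n) { return n->refcnt; }

/* Same scenario as the vulnerable function, but the alias co-owns the
 * object, so the first release cannot free it. Returns the value read. */
int safe_with_refcount(void) {
    Node *owner = node_new(42);
    if (owner == NULL) return -1;
    Node *alias = node_addref(owner);
    node_release(&owner);   /* refcnt 2 -> 1; owner == NULL; object alive */
    int v = alias->value;   /* valid: alias still holds a reference */
    node_release(&alias);   /* refcnt 1 -> 0: freed; alias == NULL */
    return v;
}

/* Walks the reference-count lifecycle and returns 1 if every step matches
 * what the comments above claim, 0 otherwise. */
int refcount_lifecycle_ok(void) {
    Node *a = node_new(7);
    if (a == NULL || node_refcount(a) != 1) return 0;
    Node *b = node_addref(a);
    if (node_refcount(a) != 2) { node_release(&a); node_release(&b); return 0; }
    node_release(&a);
    if (a != NULL || node_refcount(b) != 1 || b->value != 7) { node_release(&b); return 0; }
    node_release(&b);
    return b == NULL;
}

int main(void) {
    printf("safe_with_refcount() = %d\n", safe_with_refcount());
    printf("refcount lifecycle ok = %d\n", refcount_lifecycle_ok());
    return 0;
}
```

The vulnerable function is the kind of code a sanitizer build catches immediately (compile with `-fsanitize=address` and call it to see the heap-use-after-free report), which is also why fuzzing and sanitizer CI are the standard detection layer for this bug class. The fix is structural rather than a point patch: ownership is explicit, and `node_release` nulls the caller's pointer so a stale copy cannot survive.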

Quantitative Results

(Results table not preserved; source: Anthropic/Mozilla security partnership report, February 2026.)

Limitations: Finding Bugs vs. Exploiting Them

Despite its impressive performance in vulnerability discovery, Claude Opus 4.6 demonstrated a significant limitation: the model was far less successful at developing functional exploits for the bugs it found. Out of hundreds of exploitation attempts, only two produced working proofs of concept. This gap between discovery and exploitation is notable from both a security and a safety perspective.

From a safety standpoint, the asymmetry is arguably reassuring: it suggests that AI models may be well-suited for defensive cybersecurity — finding and patching vulnerabilities — without simultaneously becoming effective tools for offensive operations. However, security researchers caution that this limitation may be temporary as AI capabilities continue to advance.

Patches and Production Impact

The majority of vulnerabilities identified by Claude were addressed and fixed in Firefox version 148, released in late February 2026. Mozilla has indicated interest in expanding the partnership to include ongoing AI-assisted security auditing of the Firefox codebase, potentially establishing a new model for open-source software security.

Implications for the Software Industry

The Firefox audit represents one of the most concrete demonstrations to date of AI's value in large-scale code security analysis. As software supply chain attacks and browser-based exploits continue to grow in frequency and sophistication, AI-driven security auditing could become an essential complement to traditional penetration testing and manual code review — particularly for open-source projects that often lack the resources for comprehensive security coverage.
