Anthropic has reported the discovery of 22 new security vulnerabilities in the Firefox web browser, as part of a security collaboration with Mozilla. Among these vulnerabilities, 14 have been classified as high severity, seven as moderate, and one as low. The issues were addressed in Firefox 148, which was released in late February 2026.
Details of the Vulnerabilities
The vulnerabilities were identified over a two-week period in January 2026. Anthropic noted that the number of high-severity vulnerabilities it found represents almost a fifth of all high-severity bugs patched in Firefox throughout 2025. One significant issue identified was a use-after-free bug in the browser’s JavaScript, which was detected by the AI model after only 20 minutes of exploration.
AI’s Role in Vulnerability Detection
During its analysis, Anthropic scanned nearly 6,000 C++ files and submitted a total of 112 unique reports, including the high- and moderate-severity vulnerabilities. The AI model, Claude Opus 4.6, was also tasked with developing practical exploits for the vulnerabilities it identified. Despite conducting several hundred tests and incurring costs of about $4,000 in API credits, the AI successfully created exploits in only two instances.
Concerns and Future Outlook
While the ability of Claude to generate a crude browser exploit is concerning, Anthropic clarified that these exploits were only functional within a controlled testing environment, which lacked certain security features. The company emphasized that the cost of identifying vulnerabilities is lower than that of creating exploits, indicating a potential area for improvement in AI-assisted security.
Collaboration with Mozilla
In a coordinated announcement, Mozilla confirmed that the AI-assisted approach has led to the discovery of 90 other bugs, most of which have been addressed. These findings highlight the effectiveness of combining rigorous engineering with advanced analysis tools in enhancing security measures.
This article was produced by NeonPulse.today using human and AI-assisted editorial processes, based on publicly available information. Content may be edited for clarity and style.
