Claude Found 22 Firefox Vulnerabilities in 2 Weeks: AI Just Changed Security Research
Quick summary
Anthropic's Claude found 22 vulnerabilities in Firefox in just two weeks during a joint project with Mozilla. 14 were high severity — a fifth of all high-severity bugs Mozilla fixed in all of 2025.
Anthropic's Claude found 22 vulnerabilities in Firefox in just two weeks. Of those, 14 were classified as high severity — representing a fifth of all high-severity bugs Mozilla fixed across the entire year of 2025. The result came from a joint security research project between Anthropic and Mozilla designed to test whether AI could systematically find vulnerabilities in production-grade open-source software.
What Happened
Anthropic partnered with Mozilla to give Claude access to the Firefox codebase and tasked it with finding security vulnerabilities autonomously. Claude analysed approximately 4.6 million lines of code over two weeks.
The result: 22 confirmed vulnerabilities. 14 of those were rated high severity. To put that number in context — Mozilla's security team typically remediates around 70 high-severity bugs per year across all of Firefox. Claude found 14 in two weeks, representing roughly 20% of a full year's high-severity remediation work.
These were not trivial or theoretical issues. Mozilla confirmed and patched the vulnerabilities, meaning they were real, exploitable bugs in production code that users download and run.
Why This Matters More Than a Bug Bounty Record
Security research has traditionally been a human-intensive discipline. Finding a single critical vulnerability in a mature codebase like Firefox — which has had thousands of engineers and researchers scrutinising it for over two decades — typically takes weeks of manual effort, deep expertise in browser internals, and significant domain knowledge.
Claude found 14 high-severity bugs in two weeks with no prior specialisation in Firefox internals. It did not need to understand browser architecture the way a human specialist does. It read the code, inferred likely vulnerability classes, and generated test cases to confirm them.
This is a qualitative shift. Security research has always been limited by the number of expert humans available to do it. AI changes that constraint fundamentally.
What Type of Vulnerabilities Did Claude Find?
Anthropic and Mozilla have not publicly disclosed the specific vulnerability classes found (to avoid giving attackers a roadmap before patches reach all users). However, based on what is publicly known about Firefox's attack surface, high-severity vulnerabilities in browser codebases typically fall into:
- Memory safety bugs: Use-after-free, buffer overflows, and type confusion in C++ rendering code
- JavaScript engine vulnerabilities: Logic errors in SpiderMonkey (Firefox's JS engine) that can be triggered by crafted scripts
- IPC boundary issues: Bugs in the communication layer between the browser's privileged and unprivileged processes
- CSS and layout bugs: Edge cases in the rendering engine that cause memory corruption
Firefox has historically had strength in memory safety through its Rust components, but large portions of its codebase remain C++ — the primary attack surface for memory corruption bugs.
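The memory-safety class at the top of that list is easiest to see in code. What follows is an added example for this article, not Firefox code and not anything from the Anthropic/Mozilla project: a constructed length-prefixed record format, a deserializer that shows the classic unchecked-copy defect, and the hardened form that validates the declared length against both the destination capacity and the bytes actually present. It also carries the checked size multiplication that deserializers on an IPC boundary need, since a count field times an element size can wrap. Every name here (`readName`, `payloadBytes`, the sample records, the wire format itself) is invented for the illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <limits>
#include <optional>
#include <string>
#include <vector>

// Constructed wire format for this example (not a Firefox format):
//   byte 0     : name length n (0..255)
//   bytes 1..n : name
// A privileged process receiving such records from a less-trusted process
// must treat every field as attacker-controlled.

namespace vulnerable {
// Defect pattern: the declared length is trusted and copied into a
// fixed-size stack buffer. Any n > 16 writes past `name`, and any n > len-1
// reads past the input. Kept only for contrast with the hardened version;
// the helpers below only ever feed it a well-formed record.
std::string readName(const uint8_t* data, size_t len) {
    (void)len;                       // the real input length is never consulted
    char name[16];
    size_t n = data[0];
    std::memcpy(name, data + 1, n);  // unchecked copy
    return std::string(name, n);
}
}  // namespace vulnerable

namespace hardened {
constexpr size_t kMaxName = 16;

// Validate the declared length against both the capacity we are willing to
// hold and the bytes actually present; fail closed on any mismatch.
std::optional<std::string> readName(const uint8_t* data, size_t len) {
    if (data == nullptr || len < 1) return std::nullopt;
    size_t n = data[0];
    if (n > kMaxName) return std::nullopt;   // would overflow a 16-byte buffer
    if (n > len - 1) return std::nullopt;    // would read past the input
    return std::string(reinterpret_cast<const char*>(data + 1), n);
}

// Same discipline for size arithmetic: check the product by division instead
// of computing it and hoping it did not wrap.
std::optional<size_t> payloadBytes(uint32_t count, size_t elemSize) {
    if (elemSize == 0) return std::nullopt;
    if (count > std::numeric_limits<size_t>::max() / elemSize) return std::nullopt;
    return static_cast<size_t>(count) * elemSize;
}
}  // namespace hardened

// Constructed sample records.
inline std::vector<uint8_t> sampleValid()     { return {5, 'h', 'e', 'l', 'l', 'o'}; }
inline std::vector<uint8_t> sampleTooLong()   { std::vector<uint8_t> v(201, 'A'); v[0] = 200; return v; }
inline std::vector<uint8_t> sampleTruncated() { return {5, 'h', 'i'}; }

// Convenience wrappers over whole records.
inline std::optional<std::string> parse(const std::vector<uint8_t>& rec) {
    return hardened::readName(rec.data(), rec.size());
}
// Only for well-formed records: the vulnerable parser has undefined
// behaviour on anything else.
inline std::string parseVulnerable(const std::vector<uint8_t>& rec) {
    return vulnerable::readName(rec.data(), rec.size());
}

int main() {
    // The hardened parser accepts the valid record and rejects the two
    // malformed ones; the vulnerable parser happens to agree only on the
    // valid record.
    bool ok = parse(sampleValid()) == std::optional<std::string>("hello")
           && !parse(sampleTooLong()).has_value()
           && !parse(sampleTruncated()).has_value()
           && parseVulnerable(sampleValid()) == "hello";
    return ok ? 0 : 1;
}
```

The two rejected records are exactly the inputs that make the `vulnerable` version a stack overflow and an over-read respectively. In a review pipeline, building the parser with `-fsanitize=address,undefined` and fuzzing it with records like `sampleTooLong()` surfaces the defect pattern before a reader has to spot the missing check by eye.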
The Implications for Security Teams
For red teams and penetration testers: AI-assisted vulnerability discovery is now a force multiplier. A security team that previously could manually audit 50,000 lines of code per week can now direct an AI agent to cover orders of magnitude more surface area, then focus human expertise on verifying and exploiting the most interesting findings.
For defenders and blue teams: The same capability that helps security researchers find bugs also helps attackers. If Claude can find 22 Firefox vulnerabilities in two weeks as a cooperative research project, a well-resourced attacker using similar AI capabilities could do the same against any target codebase. The asymmetry between attack and defence gets worse.
For open-source projects: Projects like Firefox, Linux, and OpenSSL are publicly auditable — which is good for defenders but means attackers have the same access. AI-assisted security research at scale could accelerate the discovery of latent vulnerabilities that have existed in critical infrastructure for years.
What Anthropic Said
Anthropic published the results in partnership with Mozilla, framing it as a demonstration of AI's potential for security research rather than a threat demonstration. The project was designed to show that AI can be directed toward beneficial security outcomes — finding and fixing bugs before attackers find them.
The implicit argument: if AI is going to be used for security research regardless, it is better for that research to happen in partnerships with vendors who can patch the results, rather than by threat actors who will weaponise them.
The Bigger Picture: AI Versus the CVE Backlog
There are currently over 200,000 known but unpatched CVEs (Common Vulnerabilities and Exposures) across software that organisations are actively running. The security industry has never had enough human researchers to address the backlog. AI-assisted vulnerability discovery could, in principle, help close that gap — but it also means the attack surface of every major software project is now being analysed at a speed and scale that was not previously possible.
The Firefox result is a proof of concept. The real question is what happens when similar capabilities are applied to proprietary software, industrial control systems, or the firmware running critical infrastructure — targets that do not have public codebases, do not have Mozilla's resources, and have not been preparing for AI-assisted attackers.
Key Takeaways
- 22 vulnerabilities found in Firefox in 2 weeks — 14 were high severity
- 14 high-severity bugs = roughly 20% of Mozilla's entire 2025 high-severity remediation workload
- 4.6 million lines of Firefox code analysed by Claude as part of the joint project
- Mozilla confirmed and patched all reported vulnerabilities
- For security developers: AI-assisted code auditing is now a real capability, not a research demo. Tools built on models like Claude can cover codebase surface area that human reviewers cannot. Start integrating AI into your security review pipeline.
- For developers writing C/C++: The Firefox result is a reminder that memory safety bugs in mature codebases are still findable at scale. Rust migration and static analysis are not optional for security-critical code.
- What to watch: Whether Anthropic releases a productised security research tool based on this capability, and whether other browser vendors (Chrome, Safari) run similar exercises
Frequently Asked Questions
How did Claude find vulnerabilities in Firefox?
Claude analysed Firefox's approximately 4.6 million lines of source code as part of a joint research project with Mozilla. The AI was given access to the codebase and tasked with identifying security vulnerabilities autonomously, without prior specialisation in Firefox internals. It found 22 confirmed vulnerabilities in two weeks, 14 of which were high severity. Mozilla confirmed and patched all reported issues.
Are the Firefox vulnerabilities Claude found already patched?
Yes. Anthropic announced the results in partnership with Mozilla after the vulnerabilities were confirmed and patched. The specific vulnerability details have not been fully disclosed publicly to avoid giving attackers a roadmap, but all 22 issues were addressed before the research was published.
Does this mean AI can replace security researchers?
Not replace, but significantly augment. Claude found 14 high-severity Firefox bugs in two weeks — work that would take a team of human specialists much longer to replicate. However, human expertise is still needed to verify findings, assess exploitability, develop working exploits, and understand business context. The realistic near-term outcome is that security teams use AI to cover more codebase surface area, then focus human effort on the most critical findings.
Can attackers use the same AI to find vulnerabilities?
Yes. The same AI capability that found Firefox vulnerabilities in a cooperative research context can be directed at any target with a public codebase. Firefox, Linux, OpenSSL, and thousands of other open-source projects are fully public. Anthropic framing this as beneficial security research is partly an argument for why AI security research should happen in coordination with vendors — because it will happen regardless.
Which companies are using AI for security research?
Anthropic (Claude + Mozilla), Google (Project Zero with AI assistance), Microsoft (GitHub Copilot for security analysis), and multiple specialised startups including Protect AI, Snyk, and Veracode are all integrating AI into vulnerability discovery workflows. The Firefox project is the most publicly detailed example of an AI finding high-severity bugs in a major production codebase at scale.
Written by
Software Engineer based in Delhi, India. Writes about AI models, semiconductor supply chains, and tech geopolitics — covering the intersection of infrastructure and global events.
