Claude Found 22 Firefox Vulnerabilities in 2 Weeks: AI Just Changed Security Research

Abhishek Gautam · 7 min read

Quick summary

Anthropic's Claude found 22 vulnerabilities in Firefox in just two weeks during a joint project with Mozilla. 14 were high severity — a fifth of all high-severity bugs Mozilla fixed in all of 2025.

Anthropic's Claude found 22 vulnerabilities in Firefox in just two weeks. Of those, 14 were classified as high severity — representing a fifth of all high-severity bugs Mozilla fixed across the entire year of 2025. The result came from a joint security research project between Anthropic and Mozilla designed to test whether AI could systematically find vulnerabilities in production-grade open-source software.

What Happened

Anthropic partnered with Mozilla to give Claude access to the Firefox codebase and tasked it with finding security vulnerabilities autonomously. Claude analysed approximately 4.6 million lines of code over two weeks.

The result: 22 confirmed vulnerabilities. 14 of those were rated high severity. To put that number in context — Mozilla's security team typically remediates around 70 high-severity bugs per year across all of Firefox. Claude found 14 in two weeks, representing roughly 20% of a full year's high-severity remediation work.

These were not trivial or theoretical issues. Mozilla confirmed and patched the vulnerabilities, meaning they were real, exploitable bugs in production code that users download and run.

Why This Matters More Than a Bug Bounty Record

Security research has traditionally been a human-intensive discipline. Finding a single critical vulnerability in a mature codebase like Firefox — which has had thousands of engineers and researchers scrutinising it for over two decades — typically takes weeks of manual effort, deep expertise in browser internals, and significant domain knowledge.

Claude found 14 high-severity bugs in two weeks with no prior specialisation in Firefox internals. It did not need to understand browser architecture the way a human specialist does. It read the code, inferred likely vulnerability classes, and generated test cases to confirm them.

This is a qualitative shift. Security research has always been limited by the number of expert humans available to do it. AI changes that constraint fundamentally.

What Type of Vulnerabilities Did Claude Find?

Anthropic and Mozilla have not publicly disclosed the specific vulnerability classes found (to avoid giving attackers a roadmap before patches reach all users). However, based on what is publicly known about Firefox's attack surface, high-severity vulnerabilities in browser codebases typically fall into one of the following classes:

  • Memory safety bugs: Use-after-free, buffer overflows, and type confusion in C++ rendering code
  • JavaScript engine vulnerabilities: Logic errors in SpiderMonkey (Firefox's JS engine) that can be triggered by crafted scripts
  • IPC boundary issues: Bugs in the communication layer between the browser's privileged and unprivileged processes
  • CSS and layout bugs: Edge cases in the rendering engine that cause memory corruption

Firefox has gained real memory-safety benefits from its Rust components, but large portions of its codebase remain C++, which is still the primary attack surface for memory corruption bugs.

The Implications for Security Teams

For red teams and penetration testers: AI-assisted vulnerability discovery is now a force multiplier. A security team that previously could manually audit 50,000 lines of code per week can now direct an AI agent to cover orders of magnitude more surface area, then focus human expertise on verifying and exploiting the most interesting findings.

For defenders and blue teams: The same capability that helps security researchers find bugs also helps attackers. If Claude can find 22 Firefox vulnerabilities in two weeks as a cooperative research project, a well-resourced attacker using similar AI capabilities could do the same against any target codebase. The asymmetry between attack and defence gets worse.

For open-source projects: Projects like Firefox, Linux, and OpenSSL are publicly auditable — which is good for defenders but means attackers have the same access. AI-assisted security research at scale could accelerate the discovery of latent vulnerabilities that have existed in critical infrastructure for years.

What Anthropic Said

Anthropic published the results in partnership with Mozilla, framing it as a demonstration of AI's potential for security research rather than a threat demonstration. The project was designed to show that AI can be directed toward beneficial security outcomes — finding and fixing bugs before attackers find them.

The implicit argument: if AI is going to be used for security research regardless, it is better for that research to happen in partnerships with vendors who can patch the results, rather than by threat actors who will weaponise them.

The Bigger Picture: AI Versus the CVE Backlog

There are currently over 200,000 known but unpatched CVEs (Common Vulnerabilities and Exposures) across software that organisations are actively running. The security industry has never had enough human researchers to address the backlog. AI-assisted vulnerability discovery could, in principle, help close that gap — but it also means the attack surface of every major software project is now being analysed at a speed and scale that was not previously possible.

The Firefox result is a proof of concept. The real question is what happens when similar capabilities are applied to proprietary software, industrial control systems, or the firmware running critical infrastructure — targets that do not have public codebases, do not have Mozilla's resources, and have not been preparing for AI-assisted attackers.

Key Takeaways

  • 22 vulnerabilities found in Firefox in 2 weeks — 14 were high severity
  • 14 high-severity bugs amount to roughly 20% of Mozilla's entire 2025 high-severity remediation workload
  • 4.6 million lines of Firefox code analysed by Claude as part of the joint project
  • Mozilla confirmed and patched all reported vulnerabilities
  • For security developers: AI-assisted code auditing is now a real capability, not a research demo. Tools built on models like Claude can cover codebase surface area that human reviewers cannot. Start integrating AI into your security review pipeline.
  • For developers writing C/C++: The Firefox result is a reminder that memory safety bugs in mature codebases are still findable at scale. Rust migration and static analysis are not optional for security-critical code.
  • What to watch: Whether Anthropic releases a productised security research tool based on this capability, and whether other browser vendors (Chrome, Safari) run similar exercises
