Jul 3, 2026

Epoch AI has charted the massive spike in reported security vulnerabilities. In June 2026, 21 organizations reported about 1,500 high-severity and critical vulnerabilities (CVEs), more than 3.5 times the previous monthly record.

Monthly reports of high-severity and critical vulnerabilities (CVEs). The surge starting in April 2026 lines up with the release of Anthropic's Claude Mythos Preview. | Image: Epoch AI

The spike follows Anthropic's announcement in April that its model Claude Mythos Preview can find software vulnerabilities on its own. According to Anthropic, trusted partners were already using the model to find and fix bugs before its release. Anthropic's "Glasswing" program has reportedly uncovered more than 10,000 high-severity or critical vulnerabilities so far, some of which haven't been published yet. OpenAI's "Daybreak" program is likely adding to the surge as well. Epoch AI says the jump in reported vulnerabilities reflects a wave of AI-driven discoveries.

AI News Without the Hype – Curated by Humans