Behind the Mythos hype, Glasswing has just one confirmed CVE
Summary
Anthropic's Mythos AI model, released through Project Glasswing (a controlled access program for vetted organizations), has generated significant hype for its offensive security capabilities, but VulnCheck's analysis found only one CVE (common vulnerabilities and exposures, a list of known security flaws) explicitly attributed to the project itself. Despite the limited number of publicly confirmed discoveries, security experts view Mythos as significant because it achieved a 72% exploit success rate (the ability to successfully turn vulnerabilities into working attacks), suggesting that advanced AI exploit development is no longer a specialized skill and this capability will likely spread to other AI models and organizations without the same safety protections.
Classification
Affected Vendors
Related Issues
Original source: https://www.csoonline.com/article/4159617/behind-the-mythos-hype-glasswing-has-just-one-confirmed-cve.html
First tracked: April 16, 2026 at 08:00 AM
Classified by LLM (prompt v3) · confidence: 85%