- Anthropic releases Claude Opus 4.6, claiming major improvements in detecting high-severity vulnerabilities
- The model found more than 500 flaws by reasoning about the code like a human researcher, outperforming fuzzing techniques
- Focused on securing open source software, with patches already available; company calls for rapid action while AI can still work at scale
Anthropic has released Claude Opus 4.6, the latest version of its most powerful extended language model (LLM), and claims it is “notably better” at detecting high-severity vulnerabilities compared to previous models. In fact, Opus 4.6 has so far managed to find over 500 such vulnerabilities.
Anthropic said Opus 4.6 stood out for how it detected vulnerabilities “out of the box, without task-specific tools, custom scaffolding, or specialized prompts.” »
He also added that unlike fuzzing, which is a standard vulnerability finding technique, Opus works by reasoning about code “like a human researcher would,” meaning it looked at past patches to find similar bugs that haven’t been fixed, spotting patterns that tend to cause problems, and understood the logic “well enough to know exactly what input would break it.”
Repair open source software
Even when using it on some of the most tested codebases, projects that fuzzers had been working against for years, Opus still managed to find high-severity flaws that had gone unnoticed for “decades.”
Anthropic said it began using Claude to help patch vulnerabilities in open source software, primarily because it works “everywhere, from enterprise systems to critical infrastructure,” and because vulnerabilities in such software are felt across the Internet. Additionally, much of today’s most widely used open source software is run by a small team of volunteers, meaning resources are more than limited.
The results have been remarkable, the company says: “So far, we’ve found and validated more than 500 high-severity vulnerabilities. We’ve started reporting them and are seeing our first patches arrive, and we’re continuing to work with the maintainers to fix the others.”
He concludes that AI models can now detect high-severity vulnerabilities at scale, but emphasizes that this may not be the case in the near future. “Now is the time to act quickly to hold defenders accountable and secure as much code as possible while the window exists.”
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
