
Firefox finds 20 year old bug and patches 14 months of fixes in 30 days using Anthropic’s Mythos AI


Mozilla’s latest Firefox security update provides a rare glimpse into what happens when frontier AI capabilities reach defenders before attackers. The company said it fixed 423 Firefox security bugs in April after gaining access to Claude Mythos Preview, compared with roughly 420 fixes over the previous 14 months. That compression is the signal. The defensive side did in one month what had previously taken more than a year, then disclosed a sample of the bugs to show the depth of latent risk still present inside a mature, heavily tested browser codebase.

The strongest anchor is age. One of the disclosed bugs, Bug 2025977, was a 20-year-old XSLT reentrancy issue in which key() calls could trigger a hash table rehash, free backing storage, and leave a raw entry pointer in use. Another, Bug 2024437, involved a 15-year-old flaw in the HTML element. These are exactly the kinds of long-buried defects that can survive ordinary testing, fuzzing, and manual review because they sit inside obscure edge cases, older subsystems, or complex interactions across distant parts of the browser.

Mozilla said Claude Mythos Preview helped identify and fix 271 bugs in the Firefox 150 release, with additional fixes shipped in 149.0.2, 150.0.1, and 150.0.2. Of those 271 Firefox 150 bugs, 180 were rated sec-high, 80 were sec-moderate, and 11 were sec-low.

[Figure: A graph showing the volume of Firefox security bug fixes shipped by month, trending in the 20-30 range throughout each month in 2025, with a spike to 60-70 in February and March 2026, up to 423 in April 2026]

Mozilla’s security severity framework assigns sec-high to vulnerabilities that can be triggered by normal user behavior, such as visiting a web page. That places the findings in a serious operational category, even where Mozilla had built no full proof of real-world weaponization.

The 20-year bug shows how long exploitable-looking flaws can survive

Firefox is an old, high-value, heavily scrutinized browser.
Its code has been tested by internal teams, external researchers, fuzzers, bug bounty hunters, and attackers for years. That makes the April surge more important because the vulnerabilities surfaced inside a project with mature security engineering rather than inside a lightly reviewed codebase.

Mozilla said AI-generated security reports to open-source projects had previously carried a high noise burden for maintainers. Reports could look plausible while still being wrong, and the asymmetry was obvious: generating claims was cheap, while validating them consumed experienced engineering time.

The dynamic shifted as models improved and Mozilla built a harness around them. The company described a pipeline that could steer models toward specific code areas, generate reproducible test cases, filter noise, deduplicate findings, triage severity, and move confirmed bugs into the security lifecycle. That surrounding system is central to the result. The model provided discovery power, while the harness turned that power into confirmed reports and patches.

The disclosed sample in Mozilla’s technical write-up included a WebAssembly GC bug that could create a fake-object primitive with potential arbitrary read or write, IPC race conditions affecting parent-process reference counts, raw NaN deserialization across an IPC boundary, parent-process stack memory leakage during DNS parsing, use-after-free flaws, and sandbox escape candidates.

These are security primitives that attackers value because they can become parts of exploit chains. A memory corruption bug can become a foothold. An information leak can improve reliability. A sandbox escape can expand control from a constrained process into a privileged one.

The 20-year-old XSLT issue sharpens the implication. A bug can persist across multiple generations of browser architecture, testing practices, and security staffing.
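
The bug shape the article attributes to Bug 2025977 (a reentrant call forces a rehash, the backing storage is freed, and a raw entry pointer stays in use), reduced to a toy C hash table as an added example. It is not Firefox code: the table layout, `cached_eval` and `spill_eval` are names made up here, and the hardened path uses a generation counter to detect the rehash and look the entry up again.

```c
/* Added illustration: toy open-addressing table, not Firefox's XSLT code. */
#include <stdlib.h>
typedef struct { unsigned key; int val; int used; } Entry;
typedef struct { Entry *slots; size_t cap, len; unsigned gen; } Table;
typedef int (*eval_fn)(Table *t, unsigned key);  /* callee may re-enter the table */
static Entry *find_slot(Entry *s, size_t cap, unsigned key) {
    size_t i = key % cap;                        /* linear probing */
    while (s[i].used && s[i].key != key) i = (i + 1) % cap;
    return &s[i];
}
static Table table_new(void) {
    Table t = { calloc(4, sizeof(Entry)), 4, 0, 0 };
    if (!t.slots) abort();
    return t;
}
static void rehash(Table *t) {
    size_t ncap = t->cap * 2;
    Entry *ns = calloc(ncap, sizeof *ns);
    if (!ns) abort();
    for (size_t i = 0; i < t->cap; i++)
        if (t->slots[i].used) *find_slot(ns, ncap, t->slots[i].key) = t->slots[i];
    free(t->slots);                              /* every old Entry* now dangles */
    t->slots = ns; t->cap = ncap; t->gen++;      /* gen records the invalidation */
}
static Entry *table_put(Table *t, unsigned key, int val) {
    if ((t->len + 1) * 2 > t->cap) rehash(t);    /* keep load factor <= 1/2 */
    Entry *e = find_slot(t->slots, t->cap, key);
    if (!e->used) { e->used = 1; e->key = key; t->len++; }
    e->val = val;
    return e;
}
/* Bug shape: write through e after eval() with no gen check. Hardened form: */
static int cached_eval(Table *t, unsigned key, eval_fn eval, int *relooked) {
    Entry *e = table_put(t, key, 0);             /* raw pointer into t->slots */
    unsigned gen = t->gen;
    int v = eval(t, key);                        /* may insert and trigger rehash */
    *relooked = (t->gen != gen);
    if (*relooked) e = find_slot(t->slots, t->cap, key);  /* fresh lookup */
    e->val = v;
    return v;
}
static int spill_eval(Table *t, unsigned key) {  /* constructed: inserts `key` rows */
    for (unsigned k = 0; k < key; k++) table_put(t, 1000 + k, 0);
    return (int)key * 2 + 1;
}
int main(void) {                                 /* exit 0 if the re-lookup path ran */
    Table t = table_new(); int re, v = cached_eval(&t, 16, spill_eval, &re);
    free(t.slots); return (v == 33 && re == 1) ? 0 : 1;
}
```

Building the unhardened variant under AddressSanitizer reports the write through the stale pointer as a heap-use-after-free, which is a practical way to catch this class in tests.
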
Longevity does not automatically create exploitability, but it does create time for discovery and refinement by anyone capable of finding it. A hostile actor with Mythos-level tooling before Mozilla’s April patch run would have had a larger search surface, a better way to generate proof-of-concept exploits, and a stronger chance of finding old flaws that had escaped previous methods.

Mozilla also emphasized that several bugs were sandbox escapes. That category requires precision. A sandbox escape usually assumes that a content process has already been compromised, then uses another vulnerability to reach a more privileged process. In browser exploitation, this is a critical layer. A first-stage bug can place attacker-controlled code inside a constrained rendering process. A second-stage sandbox escape can move execution toward the browser’s parent process, where the attacker has far more leverage.

From there, the attacker may try to access browser-mediated data, manipulate web sessions, observe sensitive activity, or pivot into additional device-level exploitation depending on operating-system defenses, pe
