Claude Opus 4.6 Discovers Over 500 Vulnerabilities in Open Source Libraries

The updated version of the AI model Claude Opus 4.6, developed by Anthropic, has detected over 500 security vulnerabilities in open source libraries, announced last Thursday (05). These vulnerabilities were not publicly known until now.

The new generation of AI features significant enhancements in cybersecurity capabilities, as well as improvements in research, financial analysis, and document generation. One of the innovations includes support for long contexts of up to 1 million tokens.

Advanced Detection Capability

During testing, Claude Opus 4.6 was deployed on a virtual machine where it analyzed the latest versions of open source projects. It is important to highlight that, without specific instructions to look for vulnerabilities, the AI was able to identify a significant number of gaps.

• The AI listed the zero-day vulnerabilities detected;
• It simulated the actions of a human programmer, examining previous fixes to identify patterns of issues;
• Each identified flaw underwent validation by human researchers;
• This process prevented the findings from being the result of AI hallucinations, a phenomenon where bots generate incorrect results.

Among the identified vulnerabilities, one affected GhostScript, which processes PDF and PostScript files. The startup also shared details about flaws in OpenSC, which handles smart card data, and in the CGIF library, which works with GIF files.

Engineers were impressed with the AI's ability to validate and produce proofs of concept to demonstrate the existence of flaws. All highlighted vulnerabilities have already been patched in their respective libraries.

To prevent potential abuse of the advanced capabilities of Claude Opus 4.6, Anthropic has implemented protective measures that help detect and block malicious activities.

Stay tuned to TecMundo for more news about AI and cybersecurity. Share with your friends on social media.