Anthropic has identified 22 vulnerabilities in the Mozilla Firefox web browser during a recent security collaboration with Mozilla, highlighting the growing role of artificial intelligence in software security testing.
According to a post by Anthropic, its researchers discovered 22 separate bugs in Firefox, including 14 classified as high-severity. Most of the vulnerabilities have already been fixed in Firefox 148, released in February, while a handful of patches are expected in a forthcoming update.
The findings were uncovered using Anthropic’s AI model, Claude Opus 4.6, during a two-week review of the browser’s codebase. The team initially focused on Firefox’s JavaScript engine before expanding its analysis to other components of the software.
Anthropic said it selected Firefox for the exercise because of the scale and maturity of the project, describing it as “both a complex codebase and one of the most well-tested and secure open-source projects in the world.”
Notably, Claude Opus excelled at identifying vulnerabilities but struggled to produce exploit code.
The team reportedly spent $4,000 in API credits attempting to create proof-of-concept exploits, succeeding in only two cases.
The effort highlights both the promise and the challenges of using AI for security testing of open-source projects.
