Anthropic made headlines claiming Claude Mythos achieved the “first remote kernel exploit discovered and exploited by an AI.” We went looking for how - and found a 20-year-old bug hiding in plain sight.
# What did Claude Find?

In Anthropic’s initial Claude Mythos post, they discuss multiple different vulnerabilities that Mythos discovered and exploited. The one with the most detail (including a CVE and full technical writeup) is CVE-2026-4747 - a remote code execution capability in FreeBSD’s networked file system. [...]

This vulnerable code has roots in Sun Microsystems’ Open Network Computing Remote Procedure Call (ONC RPC) and its Network File System (NFS) - developed initially in 1984 and released in 1985. [...]

So, you would expect Mythos’ CVE to be for MIT’s implementation too? Is it possible we have a bigger problem on our hands? Please welcome, an oldie-but-goodie, CVE-2007-3999! [...]

The George Bush-era patch to Kerberos is also nearly identical to what FreeBSD implemented last month in response to Mythos [...] in the case of CVE-2026-4747, the finding of the vulnerability itself seems much more an instance of combinatorial creativity, with AI making a discovery already within its training data.

# Bottom Lines

Understanding the true risk of AI in cybersecurity means separating the sci-fi hype from the reality of how these models actually work. The FreeBSD CVE was caused by human negligence in the early 2000s. But, in 2026, decades-old flaws are being baked directly into our systems faster than ever. LLMs, as they configure our environments and write new code, regurgitate the same insecure patterns they were trained on.

It continues with a brief but interesting historical analysis of the FreeBSD code here: https://rival.security/posts/mythos-discovered-a-cve-already-in-its-training-data---and-thats-still-worrying

Note, however, that recognizing Claude Mythos as a large lossy compressed archive, from which one can extract approximations of some regions close to the input (prompt, context, etc.), does not make it useless.

Giacomo
