Anthropic's Project Glasswing has identified more than 10,000 software vulnerabilities using its Claude AI system, the company disclosed. The haul underscores a growing disconnect: AI can spot flaws far faster than human teams can fix them.
What Project Glasswing Found
Inside the project, Claude combed through codebases and flagged security weaknesses at a pace no human review could match. The 10,000-plus vulnerabilities span a range of severity, though the company did not break out how many were critical. What matters, according to those involved, is the sheer volume. Automated detection at this scale is new, and it pushes the question of how to keep up.
The Patching Gap
The numbers reveal a bottleneck. AI-driven discovery now far outstrips the capacity of development and security teams to patch or mitigate each issue. A single vulnerability can take days or weeks to fix properly, depending on its complexity and the system it affects. Multiply that by 10,000, and the math doesn't work with current staffing and tooling. The result is a backlog that leaves organizations exposed.
Cybersecurity teams already struggle with alert fatigue and limited resources. Project Glasswing shows that AI can supercharge the detection half of the problem, but the remediation half remains stuck in manual workflows. Without a parallel leap in automated patching or triage, the gap will only widen. Anthropic hasn't proposed a specific fix, but the project's findings make the imbalance impossible to ignore.
The company is expected to release more technical details about the vulnerabilities discovered in the coming weeks. For now, the industry faces a straightforward but hard question: how do you patch faster than an AI can find?
