TL;DR
Depthfirst’s AI agent discovered 21 FFmpeg zero-days for $1,000. Chrome 149 patched a report 429 bugs. AI is flooding defenders with extra bugs than they’ll deal with.
A safety startup’s autonomous AI agent found 21 previously unknown vulnerabilities in FFmpeg, the open-source media library embedded in nearly every part that touches video. The startup, depthfirst, says the run value roughly $1,000 in compute. A number of the bugs had been hiding within the codebase for greater than 20 years.
Days later, Google shipped Chrome 149 with patches for 429 safety bugs, essentially the most ever in a single browser launch. Over 100 are important or excessive severity. The 2 occasions arrived independently, however they level in the identical path: AI is discovering vulnerabilities sooner than people can repair them.
Depthfirst’s agent scanned FFmpeg’s roughly 1.5 million traces of C and produced a reproducible proof-of-concept for every of the 21 zero-days. Most are heap or stack overflows in parsers and demuxers, spanning elements from the TS demuxer to the VP9 decoder. One stack overflow within the service-description-table code dates to 2003.
9 already carry CVE identifiers (CVE-2026-39210 by means of CVE-2026-39218). The remainder have been mounted upstream however not but numbered. Depthfirst has published proof-of-concept code.
TNW Metropolis Coworking area – The place your greatest work occurs
A workspace designed for development, collaboration, and countless networking alternatives within the coronary heart of tech.
FFmpeg just isn’t new to AI-driven bug searching. Google’s Huge Sleep agent reported a run of FFmpeg bugs final 12 months. Anthropic’s Mythos mannequin pulled a 16-year-old H.264 flaw and others out of FFmpeg for about $10,000. Depthfirst claims to have executed comparable work at a tenth of the price.
Chrome 149’s report haul is a distinct story. Google has not attributed the 429 vulnerabilities to AI. However the firm overhauled its bug bounty programme in April after a flood of AI-generated submissions, now asking researchers for concise reproducers as a substitute of the lengthy writeups AI tends to supply.
The worst bug, CVE-2026-10881, scores 9.6 on the CVSS scale. It’s an out-of-bounds learn and write within the ANGLE graphics engine that lets a crafted web page escape Chrome’s sandbox and run code on the host. Google paid $97,000 for the report. Of the 22 important bugs, 19 had been discovered internally.
The sample retains repeating. An autonomous instrument lately discovered an authenticated distant code execution flaw in Redis that had gone unnoticed for over two years. A February research confirmed an AI agent might reproduce working exploits for greater than half of 100 actual Linux kernel bugs, beating conventional fuzzing.
The laborious drawback is shifting. Discovering these bugs has change into low-cost. Triaging the reviews, delivery the fixes, and getting them put in has not. A lot of that work nonetheless falls on volunteers and a skinny layer of human triagers now anticipated to maintain tempo with machines. Mozilla patched 271 Firefox vulnerabilities discovered by Mythos in a single move. The query is not whether or not AI can discover the bugs. It’s whether or not anybody can repair them quick sufficient.