Full Report
Like the majority of the companies participating, it remains a mystery Last week, Anthropic surprised the world by declaring that its latest model, Mythos, is so good at finding vulns that it would create chaos if released. Now, under the title of Project Glasswing, over 50 selected companies and orgs are allowed to test the hyped up LLM to find security holes in their own products. But just how many problems have they really discovered?…
Analysis Summary
# Vulnerability: FreeBSD RPCSEC_GSS Remote Code Execution
## CVE Details
- **CVE ID:** CVE-2026-4747
- **CVSS Score:** Not explicitly listed (Estimated Critical based on Root RCE description)
- **CWE:** Not specified (Memory corruption/Logic flaw in legacy code)
## Affected Systems
- **Products:** FreeBSD Operating System
- **Versions:** Vulnerable code present for approximately 17 years; specific version ranges not fully detailed in text.
- **Configurations:** Systems running Network File System (NFS) with RPCSEC_GSS enabled.
## Vulnerability Description
CVE-2026-4747 is a 17-year-old remote code execution (RCE) vulnerability within the FreeBSD kernel's implementation of the RPCSEC_GSS protocol. The flaw resides in how the system handles authenticated network requests. It was discovered autonomously by Anthropic’s "Mythos" LLM, which identified a path to compromise memory and achieve code execution at the kernel level.
## Exploitation
- **Status:** PoC available (Developed and verified by Anthropic's Mythos model)
- **Complexity:** Low (Described as fully autonomous exploitation by AI)
- **Attack Vector:** Network
- **Note:** Anthropic claims the exploit allows an unauthenticated or remote attacker to gain root access on a machine running NFS.
## Impact
- **Confidentiality:** High (Full system access)
- **Integrity:** High (Full system access/Root level)
- **Availability:** High (Potential for system crash or takeover)
## Remediation
### Patches
- Users are advised to refer to **FreeBSD Security Advisory FreeBSD-SA-26:08.rpcsec_gss**.
- Official patches are available via the FreeBSD security team.
### Workarounds
- Disable NFS services if not required.
- Restrict access to RPC/NFS ports via firewall (600/tcp, 2049/tcp) to trusted networks only.
## Detection
- **Indicators of compromise:** Unusual kernel crashes or unauthorized root-level activity originating from the NFS daemon process.
- **Detection methods and tools:** Monitor network traffic for malformed RPCSEC_GSS packets. Use vulnerability scanners updated with the latest FreeBSD security definitions.
## References
- FreeBSD Security Advisory: [https://www.freebsd[.]org/security/advisories/FreeBSD-SA-26:08.rpcsec_gss.asc]
- CVE Record: [https://www.cve[.]org/CVERecord?id=CVE-2026-4747]
- VulnCheck Analysis: [https://www.vulncheck[.]com/blog/anthropic-glasswing-cves]
- NVD Entry: [https://nvd.nist[.]gov/vuln/detail/CVE-2026-4747]
***
**Note on other findings mentioned in the article:**
While the article references 40 potential CVEs, only **CVE-2026-4747** is definitively linked to Project Glasswing/Mythos at this time. Other notable findings without assigned CVEs include:
- A 27-year-old bug in **OpenBSD** (SACK-related, patched in patch 025).
- A 16-year-old **FFmpeg** bug.
- **Linux kernel** privilege escalation chains.