Mythos Finds a Curl Vulnerability

Mythos 发现了一个 Curl 漏洞

yes, as in singular one. Back in April 2026 Anthropic caused a lot of media noise when they concluded that their new AI model Mythos is dangerously good at finding security flaws in source code. Apparently Mythos was so good at this that Anthropic would not release this model to the public yet but instead trickle it out to a selected few companies for a while to allow a few good ones(?) to get a head start and fix the most pressing problems first, before the general populace would get their hands on it. The whole world seemed to lose its marbles. Is this the end of the world as we know it? An amazingly successful marketing stunt for sure. 是的，正如标题所言，只有一个。2026 年 4 月，Anthropic 公司宣称其新 AI 模型 Mythos 在发现源代码安全漏洞方面表现出“危险的”卓越能力，这在媒体界引起了轩然大波。显然，Mythos 的表现过于出色，以至于 Anthropic 决定暂不向公众发布该模型，而是先将其小范围提供给少数几家精选公司，让这些“优选者”能够抢占先机，在普通大众接触到它之前先修复最紧迫的问题。全世界似乎都为此陷入了疯狂。这是我们所知的世界末日吗？这无疑是一场极其成功的营销噱头。

My (non-) access Part of the deal with project Glasswing was that Anthropic also offered access to their latest AI model to “Open Source projects” via Linux Foundation. Linux Foundation let their project Alpha Omega handle this part, and I was contacted by their representatives. As lead developer of curl I was offered access to the magic model and I graciously accepted the offer. Sure, I’d like to see what it can find in curl. I signed the contract for getting access, but then nothing happened. Weeks went past and I was told there was a hiccup somewhere and access was delayed. Eventually, I was instead offered that someone else, who has access to the model, could run a scan and analysis on curl for me using Mythos and send me a report. To me, the distinction isn’t that important. It’s not that I would have a lot of time to explore lots of different prompts and doing deep dive adventures anyway. Getting the tool to generate a first proper scan and analysis would be great, whoever did it. I happily accepted this offer. (I am purposely leaving out the identity of the individual(s) involved in getting the curl analysis done as it is not the point of this blog post.) 我的（非）访问权限：作为 Glasswing 项目协议的一部分，Anthropic 还通过 Linux 基金会向“开源项目”提供其最新 AI 模型的访问权限。Linux 基金会将其中的相关工作交由 Alpha Omega 项目处理，我随后接到了他们的代表联系。作为 curl 的首席开发者，我获得了访问该“魔法模型”的资格，并欣然接受了邀请。当然，我很想看看它能在 curl 中发现什么。我签署了访问协议，但随后却没了下文。几周过去了，我被告知中间出了点小插曲，访问权限被延迟了。最终，对方提出由另一位拥有访问权限的人代我使用 Mythos 对 curl 进行扫描和分析，并将报告发送给我。对我来说，这两种方式区别不大。反正我也没有太多时间去探索各种不同的提示词（prompts）或进行深度挖掘。只要能让该工具生成一份初步的、规范的扫描分析报告，无论由谁操作都很好。我愉快地接受了这个提议。（我特意隐去了参与协助完成 curl 分析的人员身份，因为这并非本文的重点。）

AI scans of curl Before this first Mythos report, we had already scanned curl with several different very capable AI powered tools (I mean in addition to running a number of “normal” static code analyzers all the time, using the pickiest compiler options and doing fuzzing on it for years etc). Primarily AISLE, Zeropath and OpenAI’s Codex Security have been used to scrutinize the code with AI. These tools and the analyses they have done have triggered somewhere between two and three hundred bugfixes merged in curl through-out the recent 8-10 months or so. A bunch of the findings these AI tools reported were confirmed vulnerabilities and have been published as CVEs. Probably a dozen or more. Nowadays we also use tools like GitHub’s Copilot and Augment code to review pull requests, and their remarks and complaints help us to land better code and avoid merging new bugs. I mean, we still merge bugs of course but the PR review bots regularly highlight issues that we fix: our merges would be worse without them. The AI reviews are used in addition to the human reviews. They help us, they don’t replace us. We also see a high volume of high quality security reports flooding in: security researchers now use AI extensively and effectively. Security is a top priority for us in the curl project. We follow every guideline and we do software engineering properly, to reduce the number of flaws in code. Scanning for flaws is just one of many steps to keep this ship safe. You need to search long and hard to find another software project that makes as much or goes further than curl, for software security. 对 curl 的 AI 扫描：在收到这份 Mythos 报告之前，我们已经使用几种功能强大的 AI 工具对 curl 进行了扫描（除了长期运行各种“常规”静态代码分析器、使用最严苛的编译器选项以及多年来持续进行的模糊测试之外）。我们主要使用 AISLE、Zeropath 和 OpenAI 的 Codex Security 来对代码进行 AI 审查。在过去 8 到 10 个月里，这些工具及其分析结果促使我们在 curl 中合并了二到三百个漏洞修复。这些 AI 工具报告的许多发现已被确认为漏洞，并以 CVE 的形式发布，数量可能在十几个以上。如今，我们还使用 GitHub Copilot 和 Augment code 等工具来审查拉取请求（PR），它们的反馈和建议帮助我们提交了更好的代码，并避免合并新的错误。当然，我们仍然会合并错误，但 PR 审查机器人会定期指出我们需要修复的问题：如果没有它们，我们的合并质量会更差。AI 审查是人工审查的补充，它们是我们的助手，而非替代者。我们还看到大量高质量的安全报告涌入：安全研究人员现在正广泛且有效地利用 AI。安全是 curl 项目的重中之重。我们遵循每一项准则，并以规范的软件工程流程来减少代码中的缺陷。扫描漏洞只是确保这艘大船安全运行的众多步骤之一。你很难再找到另一个像 curl 这样在软件安全方面投入如此之多、走得如此之远的软件项目了。

Steps involved in keeping curl secure May 6, 2026 It was with great anticipation we received the first source code analysis report generated with Mythos. Another chance for us to find areas to improve and bugs to fix. To make an even better curl. This initial scan was made on curl’s git repository and its master branch of a certain recent commit. It counted 178K lines of code analyzed in the src/ and lib/ subdirectories. The analysis details several different approaches and methods it has performed the search, and how it has focused on trying to find which flaws. A fun note in the top of the report says: curl is one of the most fuzzed and audited C codebases in existence (OSS-Fuzz, Coverity, CodeQL, multiple paid audits). Finding anything in the hot paths (HTTP/1, TLS, URL parsing core) is unlikely. … and it correctly found no problems in those areas. 确保 curl 安全的步骤：2026 年 5 月 6 日，我们怀着极大的期待收到了第一份由 Mythos 生成的源代码分析报告。这是我们发现改进空间和修复漏洞的又一次机会，旨在打造一个更好的 curl。这次初步扫描针对的是 curl 的 git 仓库及其 master 分支的某个近期提交。它分析了 src/ 和 lib/ 子目录中总计 17.8 万行代码。分析报告详细说明了它所采用的几种不同搜索方法和途径，以及它重点关注的漏洞类型。报告开头有一条有趣的注释：“curl 是现存经过最多次模糊测试和审计的 C 代码库之一（OSS-Fuzz、Coverity、CodeQL 以及多次付费审计）。在热点路径（HTTP/1、TLS、URL 解析核心）中发现问题的可能性极低。”……事实证明，它确实没有在这些区域发现任何问题。

The size of curl: curl is currently 176,000 lines of C code when we exclude blank lines. The source code consists of 660,000 words, which is 12% more words than the entire English edition of the novel War and Peace. On average, every single production source code line of curl has been written (and then rewritten) 4.14 times. We have polished on this. Right now, the existing production code in git master that still remains, has been authored by 573 separate individuals. Over time, a total of 1,465 individuals have so far had their proposed changes merged into curl’s git repository. We have published 188 CVEs for curl up until now. curl is installed in over twenty billion instances. It runs on over 110 operating systems and 28 CPU architectures. It runs in every smart phone, tablet, car, TV, game console and server on earth. curl 的规模：除去空行，curl 目前拥有 17.6 万行 C 代码。其源代码包含 66 万个单词，比整部英文版小说《战争与和平》的单词量还要多出 12%。平均而言，curl 的每一行生产环境源代码都被编写（并重写）过 4.14 次。我们一直在对其进行打磨。目前，git master 分支中现存的生产代码由 573 位不同的个人编写。随着时间的推移，总共有 1,465 位贡献者将他们的代码合并到了 curl 的 git 仓库中。到目前为止，我们已经为 curl 发布了 188 个 CVE。curl 的安装实例超过 200 亿个，运行在 110 多种操作系统和 28 种 CPU 架构上。它运行在地球上每一部智能手机、平板电脑、汽车、电视、游戏机和服务器中。

Five findings became one: The report concluded it found five “Confirmed security vulnerabilities”. I think using the term confirmed is a little amusing when the AI says it confidently by itself. Yes, the AI thinks they are confirmed, but the curl security team has a slightly different take. Five issues felt like nothing as we had expected an extensive list. Once my curl security team fellows and I had poked on the this short list for a number of hours and dug into the details, we had trimmed the list down and were left with one confirmed vulnerability. The other four were three false positives (they highlighted shortcomings that are documented in API documentation) and the fourth we deemed “just a bug”. The single confirmed vulnerability is going to end up a… 五个发现变成了一个：报告总结称它发现了五个“已确认的安全漏洞”。当 AI 自信地宣称这些漏洞已“确认”时，我觉得这个词用得有点滑稽。是的，AI 认为它们已确认，但 curl 安全团队的看法略有不同。五个问题感觉微不足道，因为我们原本预期会有一个很长的列表。我和 curl 安全团队的同事们花了几小时仔细研究了这个简短的列表并深入挖掘细节后，我们将列表缩减到了只剩下一个已确认的漏洞。其余四个中，有三个是误报（它们指出的缺陷在 API 文档中已有说明），第四个我们认为“只是一个普通的 bug”。这唯一一个已确认的漏洞最终将……