Redeploying Fable 5

Redeploying Fable 5

重新部署 Fable 5

Announcements 公告

Redeploying Fable 5 重新部署 Fable 5

Jun 30, 2026 2026年6月30日

Update: Claude Fable 5 and Mythos 5 redeployed 更新:Claude Fable 5 与 Mythos 5 已重新部署

Jul 1, 2026 2026年7月1日

Access to Claude Fable 5 and Mythos 5 is now restored. On Friday, June 12, the US government applied export controls to our newest models, Claude Fable 5 and Claude Mythos 5. This required us to restrict access to foreign nationals, whether inside or outside the United States. Because the order took effect immediately and we had no reliable way to verify nationality in real-time, we suspended access to both models for all users. Claude Fable 5 和 Mythos 5 的访问权限现已恢复。6月12日(周五),美国政府对我们最新的模型 Claude Fable 5 和 Claude Mythos 5 实施了出口管制。这要求我们限制外国公民(无论其身处美国境内还是境外)的访问权限。由于该指令立即生效,且我们无法实时核实用户国籍,因此我们暂停了所有用户对这两个模型的访问。

As of today, June 30, the export controls on Fable 5 and Mythos 5 have been lifted. 截至今日(6月30日),针对 Fable 5 和 Mythos 5 的出口管制已被解除。

Fable 5 will be available starting tomorrow, Wednesday, July 1, to users globally on the Claude Platform, Claude.ai, Claude Code, and Claude Cowork. For Pro, Max, Team, and select Enterprise plans, Fable 5 will be included for up to 50% of weekly usage limits through July 7, after which it will be available via usage credits. We will re-enable access on AWS, Google Cloud, and Microsoft Foundry as quickly as possible. Fable 5 将于明天(7月1日,周三)起向全球用户开放,涵盖 Claude 平台、Claude.ai、Claude Code 和 Claude Cowork。对于 Pro、Max、Team 及部分企业版计划,在7月7日之前,Fable 5 将包含在每周使用限额的50%以内,此后将通过使用额度(usage credits)提供。我们将尽快恢复其在 AWS、Google Cloud 和 Microsoft Foundry 上的访问权限。

We have also restored access to Mythos 5 for a set of US organizations, following the US government’s approval on June 26. We continue to coordinate with the government to expand access to the broader set of domestic and international partners in the Glasswing program. 在获得美国政府6月26日的批准后,我们也已恢复了部分美国机构对 Mythos 5 的访问权限。我们正继续与政府协调,以扩大 Glasswing 项目中更广泛的国内及国际合作伙伴的访问权限。

In the remainder of this post, we provide further details and updates in four areas: 在本文的后续部分,我们将提供四个方面的详细信息与更新:

  • A timeline of events, including updates we made to our safeguards. We discuss the events that led to the export control directive and how we addressed it with new safeguards.
  • 事件时间线,包括我们对安全防护措施所做的更新。 我们将讨论导致出口管制指令的事件,以及我们如何通过新的安全防护措施来应对。
  • Our general approach to safeguards. We provide more context on how we use safety classifiers to detect potentially dangerous cybersecurity uses of our models.
  • 我们的通用安全防护方法。 我们将提供更多背景信息,说明我们如何利用安全分类器来检测模型中潜在的危险网络安全用途。
  • A shared industry framework. Although we have reached a constructive resolution, these events have made clear that the industry needs a consistent way to assess and fix potential “jailbreaks” of AI models (techniques that bypass a model’s safeguards). A shared standard for judging the severity of a given jailbreak would help AI developers triage new findings as they arise, launch highly capable models with greater safety, and communicate the level of risk consistently to government and industry partners. Together with Amazon, Microsoft, Google, and other Glasswing partners, we’ve started to develop such a framework, and we outline it below.
  • 共享的行业框架。 尽管我们已经达成了一个建设性的解决方案,但这些事件清楚地表明,行业需要一种一致的方法来评估和修复 AI 模型的潜在“越狱”(即绕过模型安全防护的技术)。一套用于判断特定越狱严重程度的共享标准,将有助于 AI 开发者在发现新问题时进行分类处理,在更高安全性的前提下发布高性能模型,并向政府和行业合作伙伴一致地传达风险水平。我们已与亚马逊、微软、谷歌及其他 Glasswing 合作伙伴共同开始开发此类框架,并在下文概述其内容。
  • Deeper government collaboration. We’re also strengthening our level of collaboration with the US government on new pre-release testing, information sharing, and research collaboration. We describe this deeper collaboration in the final section.
  • 更深层次的政府合作。 我们也在加强与美国政府在发布前测试、信息共享和研究合作方面的协作水平。我们将在最后一部分描述这种更深层次的合作。

Timeline and safeguard updates

时间线与安全防护更新

We released Fable 5 and Mythos 5 on Tuesday, June 9. They both share the same underlying model, but Fable 5 was released with strong safeguards to make it safer for general use. Mythos 5, which has fewer safeguards, was only released to a small number of trusted Project Glasswing partners for use in defensive cybersecurity. 我们于6月9日(周二)发布了 Fable 5 和 Mythos 5。它们共享同一个底层模型,但 Fable 5 在发布时配备了强大的安全防护措施,使其更适合通用场景。而安全防护较少的 Mythos 5 仅向少数受信任的 Project Glasswing 合作伙伴开放,用于防御性网络安全领域。

The export control directive on June 12 came after the government became aware of a report in which Amazon researchers had found a method of bypassing Fable 5’s safeguards: prompting it so that it identified a number of software vulnerabilities. In one case, the model produced code demonstrating how the relevant vulnerability could be exploited. Over the past two weeks, we have worked closely with the government and other partners, including Amazon, to review the report and evidence. 6月12日的出口管制指令是在政府获悉一份报告后发布的。该报告显示,亚马逊的研究人员发现了一种绕过 Fable 5 安全防护的方法:通过提示词引导模型识别出若干软件漏洞。在其中一个案例中,模型生成了演示如何利用相关漏洞的代码。在过去两周里,我们与政府及包括亚马逊在内的其他合作伙伴密切合作,对该报告和证据进行了审查。

Our testing confirmed that many less capable models—including Claude Opus 4.8, GPT-5.5, and Kimi K2.7—could identify the same vulnerabilities as Fable 5 did in the report. When it came to the demonstration of how to exploit the single vulnerability, every model we tested could produce the same demonstration as Fable 5 (including Claude Haiku 4.5, Sonnet 4.6, Opus 4.6, Opus 4.7, Opus 4.8, GPT-5.4, GPT-5.5, and Kimi K2.7). 我们的测试证实,许多性能较弱的模型——包括 Claude Opus 4.8、GPT-5.5 和 Kimi K2.7——都能识别出报告中 Fable 5 所识别出的相同漏洞。而在演示如何利用该单一漏洞时,我们测试的每一个模型都能生成与 Fable 5 相同的演示(包括 Claude Haiku 4.5、Sonnet 4.6、Opus 4.6、Opus 4.7、Opus 4.8、GPT-5.4、GPT-5.5 和 Kimi K2.7)。

Importantly, the reported technique did not expose any unique Mythos-level cyber capabilities. The behavior reflected a borderline case for Fable 5’s safeguards—as we will explain below, there are some tasks that are unlikely to be dangerous but are nonetheless blocked by the safeguards out of an abundance of caution. The reported technique allowed access to one such behavior, but it only involved routine defensive cybersecurity work. 重要的是,所报告的技术并未暴露任何 Mythos 级别的独特网络能力。这种行为反映了 Fable 5 安全防护的一个临界情况——正如我们下文将解释的那样,有些任务本身不太可能具有危险性,但出于谨慎考虑,安全防护措施仍会将其拦截。所报告的技术允许访问其中一种此类行为,但它仅涉及常规的防御性网络安全工作。

Even so, we moved quickly to address the reported bypass. Working closely with the government, we trained an improved safety classifier that targets and blocks the behavior described in the report. Users will be notified if a request to Fable 5 is blocked, and the request will instead be sent to Opus 4.8. 即便如此,我们还是迅速采取行动解决了这一报告的绕过问题。通过与政府密切合作,我们训练了一个改进的安全分类器,专门针对并拦截报告中描述的行为。如果用户对 Fable 5 的请求被拦截,系统会通知用户,并将该请求转交给 Opus 4.8 处理。

The new classifier means that the specific technique described in the Amazon report is blocked in over 99% of cases. In a very small fraction of cases the model may provide information that isn’t detailed enough to help a cyberattacker. As we describe below, the model’s safeguards are not expected to block all low-risk routine cyberdefense capabilities—just those that are potentially harmful. Researchers from the US Department of Commerce’s Center for AI Standards and Innovation (CAISI) have tested both our prior and new safeguards and agree that they are extraordinarily strong. 新的分类器意味着亚马逊报告中描述的特定技术在超过99%的情况下会被拦截。在极少数情况下,模型可能会提供不够详细、不足以帮助网络攻击者的信息。正如我们在下文所述,模型的安全防护措施并非旨在拦截所有低风险的常规网络防御能力,而仅针对那些具有潜在危害性的内容。美国商务部人工智能标准与创新中心(CAISI)的研究人员测试了我们之前和新的安全防护措施,并一致认为它们非常强大。

The new classifier also comes at the cost of flagging benign requests more often during routine coding and debugging tasks. As with all our safeguards, we’ll continue to refine this to better distinguish genuine misuse from legitimate requests and reduce false positives. 新的分类器也带来了一个代价,即在日常编码和调试任务中,它会更频繁地标记良性请求。正如我们所有的安全防护措施一样,我们将继续对其进行优化,以更好地将真正的滥用行为与合法请求区分开来,并减少误报。

Our approach to cybersecurity safeguards

我们的网络安全防护方法

Claude Mythos 5 can be used to find and exploit software vulnerabilities more effectively than any other model—and all but the most skilled human security experts. These prodigious cybersecurity capabilities make it uniquely attractive to malicious actors who wish to misuse it in cyberattacks. Claude Mythos 5 在发现和利用软件漏洞方面的效率超过了任何其他模型,甚至超过了除最顶尖人类安全专家之外的所有人。这些惊人的网络安全能力使其对那些希望将其用于网络攻击的恶意行为者具有独特的吸引力。

Claude Fable 5, however, provides no such unique offensive capabilities. This is because we launched it with the strongest safeguards we’ve ever applied to a model. In the month prior to… 然而,Claude Fable 5 并不具备这种独特的攻击能力。这是因为我们在发布它时,应用了我们有史以来最强大的模型安全防护措施。在……之前的那个月里。