Mythos-class AI models can autonomously discover and weaponize vulnerabilities in software by analyzing code, generating hypotheses, and producing working exploits. Examples include a 27-year-old denial-of-service vulnerability in OpenBSD's TCP SACK implementation, a 17-year-old remote code execution flaw in FreeBSD's NFS server, and a 16-year-old out-of-bounds write in FFmpeg's H.264 codec. These models shift vulnerability discovery from traditional CVE pattern-matching to machine-speed exploit generation.
