Claude Mythos徹底解剖：50ドルで27年モノのゼロデイ脆弱性を発見、既存の防壁はなぜ崩壊したか An analysis of how Claude reportedly uncovered a 27-year-old zero-day vulnerability for ar…

A recent report claims that Anthropic's Claude was used to uncover a zero-day vulnerability that had lingered in code for roughly 27 years, at an API cost of only about $50. The piece, framed as a deconstruction of the emerging "Claude mythos," uses the incident as a lens to examine why long-standing security assumptions are starting to crack in the LLM era.

The central argument is economic rather than purely technical. Traditionally, finding deep logic bugs in mature open-source code required scarce, expensive expert attention: a senior reverse engineer slowly building a mental model of an unfamiliar codebase. Long-context LLMs can now traverse entire repositories, reason about cross-function invariants, and flag semantic anomalies repeatedly and cheaply. The symbolic $50 figure underscores that the same capability is now in the hands of both defenders and attackers, which arguably resets the cost curve of vulnerability research.

Technically, models like Claude appear to excel at surfacing implicit-precondition mismatches between callers and callees, off-by-one or boundary conditions hidden behind layers of abstraction, and stale assumptions in code paths rarely exercised by tests or fuzzers. Classical defenses such as signature-based SAST, coverage-guided fuzzing, and even formal verification remain useful, but many of them implicitly assumed that human review bandwidth was the scarce resource. With that assumption weakening, audit throughput is being redefined.

The broader ecosystem reflects the same trend. Google's Project Naptime and its Big Sleep follow-up have demonstrated LLM agents discovering real memory-safety bugs in widely deployed software. OpenAI and Meta have publicly discussed internal AI-assisted red teaming, and bug bounty platforms such as HackerOne and Bugcrowd report a rising share of AI-assisted submissions. At the same time, hallucinated vulnerabilities and plausible-sounding but incorrect root-cause analyses remain a genuine concern, so human triage layered on top of AI findings is still the pragmatic norm.

A few caveats are worth flagging. The headline cost of $50 likely excludes the engineering work to scaffold the agent, design prompts, and validate findings, so the true marginal cost of "AI-found zero-days" may be higher than the number suggests. It also remains unclear how well such results generalize beyond the specific class of bug discussed; some categories of vulnerability, particularly those requiring complex runtime state or cryptographic insight, may still resist purely static LLM analysis.

Even with those qualifications, the direction of travel seems clear. The episode marks a transition point where AI shifts from being a coding assistant to behaving as a semi-autonomous vulnerability discovery agent. Open-source maintainers, vendors, and corporate security teams would be wise to assume that adversaries can run similar pipelines at low cost, and to revisit patch cadence, dependency hygiene, and threat models accordingly. The defenders who internalize this shift first are likely to fare best as the asymmetry between attack and defense is rewritten.