Discussion

• @morqon Morgan on x

  mythos scans curl, finds one “severity low” vulnerability, one bug, and three false positives already described in the docs [image]

• @zackkorman Zack Korman on x

  Mythos found a single vulnerability in cURL (along with three false positives, and one issue they classified as a bug). The founder/lead dev wasn't super impressed. [image]

• @lukolejnik Lukasz Olejnik on x

  “I see no evidence that this setup finds issues to any particular higher or more advanced degree than the other tools have done before Mythos”. But: read-up. https://daniel.haxx.se/... [image]

• @martenmickos @martenmickos on x

  Mythos found one (1) vulnerability in curl - an open-source software product with an installed base of 20 billion instances. https://daniel.haxx.se/...

• @stdlib @stdlib on bluesky

  lol someone on lobsters actually suggested Mythos did not find a bug here and Anthropic might secretly be buying black market exploits and passing them off as if they were from Mythos. we are approaching unimaginable, unhealthy levels of cope daniel.haxx.se/blog/2026/05...

• r/BetterOffline r on reddit

  Mythos finds a vulnerability in curl, a single low severity one, and curl's creator is not impressed, calls it “a succesful marketing stunt”.

• r/ClaudeAI r on reddit

  Curl maintainer utilized Anthropic's Mythos scan: 1 confirmed vulnerability and ~20 bugs

• r/theprimeagen r on reddit

  Mythos finds a curl vulnerability

• r/claude r on reddit

  Anthropic's bug-hunting Mythos was greatest marketing stunt ever, says cURL creator

• r/netsec r on reddit

  Curl lead developer Daniel Stenberg provides insightful feedbacks from Mythos analysis results