Claude Code Found a Linux Vulnerability Hidden for 23 Years
Nicholas Carlini, a research scientist at Anthropic, reported at the [un]prompted AI security conference that he used Claude Code to find multiple remotely exploitable security vulnerabilities in the Linux kernel, including one that sat undiscovered for 23 years.Nicholas was astonished at how effective Claude Code has been at finding these bugs:We now have a number of remotely exploitable heap buffer overflows in the Linux kernel.I have never found one of these in my life before. This is very, very, very hard to do.With these language models, I have a bunch. —Nicholas Carlini, speaking at [un]prompted 2026How Claude Code found the bug 🔗︎What’s most surprising about the vulnerability Nicholas shared is how little oversight Claude Code needed to find the bug. He essentially just…
