An AI agent discovered 21 zero-day vulnerabilities in FFmpeg for $1,000. Chrome recently addressed a historic total of 429 bugs.
**TL;DR:** Depthfirst’s AI agent discovered 21 zero-day vulnerabilities in FFmpeg for $1,000. Chrome 149 addressed a record 429 security issues. AI is overwhelming defenders with more vulnerabilities than they can manage.
A security startup called depthfirst utilized an autonomous AI agent to identify 21 previously undisclosed vulnerabilities in FFmpeg, the open-source media library widely used in video applications. The startup reported that the operation cost around $1,000 in computing resources, with some vulnerabilities remaining hidden in the code for over 20 years.
Soon after, Google released Chrome 149, which included patches for a record-breaking 429 security vulnerabilities—more than any other browser release to date. Over 100 of these vulnerabilities are classified as critical or high severity. Although these two developments occurred separately, both highlight a common trend: AI is discovering vulnerabilities at a pace that exceeds human resolution capabilities.
Depthfirst’s AI agent analyzed about 1.5 million lines of C code in FFmpeg and provided reproducible proof-of-concept demonstrations for each of the 21 zero-days. Most of the vulnerabilities are related to heap or stack overflows in parsers and demuxers, affecting components from the TS demuxer to the VP9 decoder. Notably, one stack overflow in the service-description-table code dates back to 2003.
Nine of these vulnerabilities already possess CVE identifiers (CVE-2026-39210 to CVE-2026-39218), while the others have been resolved upstream but not yet assigned numbers. Depthfirst has made proof-of-concept code available.
FFmpeg is not new to AI-assisted vulnerability discovery. Last year, Google’s Big Sleep agent identified vulnerabilities in FFmpeg. Anthropic’s Mythos model uncovered a 16-year-old flaw in H.264 and other vulnerabilities for around $10,000. Depthfirst asserts that it accomplished similar results at a fraction of the cost.
Chrome 149’s unprecedented number of fixes takes a different angle. Google hasn't linked the 429 vulnerabilities to AI, but the company revamped its bug bounty program in April in response to a wave of AI-generated submissions, now requesting concise reproductions instead of the extensive descriptions typical of AI outputs.
The most severe vulnerability, CVE-2026-10881, has a CVSS score of 9.6. It is an out-of-bounds read and write issue in the ANGLE graphics engine, allowing a specially crafted page to escape Chrome’s sandbox and execute code on the host system. Google rewarded the report with $97,000. Out of the 22 critical bugs, 19 were discovered internally.
This trend continues as an autonomous tool recently identified an authenticated remote code execution vulnerability in Redis that had been overlooked for over two years. A study from February revealed that an AI agent could reproduce functional exploits for more than half of 100 actual Linux kernel vulnerabilities, outperforming conventional fuzzing methods.
The challenge has now shifted. Discovering these bugs has become inexpensive, but triaging the reports, landing fixes, and getting those fixes deployed to users remains a struggle. Much of this burden still rests on volunteers and a small group of human triagers who are now expected to keep up with machines. Mozilla also addressed 271 Firefox vulnerabilities identified by Mythos in a single effort. The critical question has shifted from whether AI can find bugs to whether anyone can fix them quickly enough.