When Anthropic unveiled Claude Mythos Preview earlier this month, the cybersecurity community debated whether AI-driven vulnerability discovery at scale was a near-term reality or a controlled demonstration. That question is now being answered in the field. SpaceX security engineer Asim Viladi Oglu Manizada and a team of autonomous AI agents have independently discovered two zero-day vulnerabilities in CUPS, the Common Unix Printing System used across Linux and Unix environments. [1: AI agents found vulns in this popular Linux and Unix print server] The findings - tracked as CVE-2026-34980 and CVE-2026-34990 - are the clearest sign yet that AI vulnerability scanning has moved from frontier-lab showcase to practitioner tool.
The CUPS Exploit Chain
CVE-2026-34980 allows an unauthenticated remote attacker to achieve code execution under the CUPS service account (lp). CVE-2026-34990 then enables local privilege escalation from lp to root. [2: CUPS Vulnerability Chain Enables Remote Attacker to Execute Malicious Code] Chained together, an attacker can go from an unauthenticated network position to full root access on any unpatched system running CUPS 2.4.16 or older - with no human interaction required.
Manizada has stated he was inspired by Simone Margaritelli's 2024 research, which chained earlier CUPS flaws for remote code execution. [1: AI agents found vulns in this popular Linux and Unix print server] The difference this time: the discovery pipeline was largely autonomous. The AI agents identified the vulnerability classes, constructed proof-of-concept exploits, and validated the chain - a workflow that previously required deep manual expertise.
As of mid-April 2026, code commits addressing both vulnerabilities have been published to the CUPS repository, but official patched releases have not yet been issued. [2: CUPS Vulnerability Chain Enables Remote Attacker to Execute Malicious Code]
Why This Matters Beyond CUPS
The CUPS finding is significant not because of the specific bugs - print server vulnerabilities have a long history - but because of what it demonstrates about capability diffusion. Anthropic's Mythos Preview operates on massive, purpose-built infrastructure under tightly controlled access. Manizada's AI agents, by contrast, operated outside Anthropic's ecosystem entirely, showing that vulnerability-hunting capability is no longer gated behind a single frontier model. [1: AI agents found vulns in this popular Linux and Unix print server]
This aligns with a prediction the Cloud Security Alliance's Rich Mogull made in his "Vulnpocalypse" analysis: that Mythos-class capabilities would eventually reach open-weight models and independent toolchains. [3: Anthropic's Mythos is Here: Defending from the Vulnpocalypse, Cloud Security Alliance] The timeline appears to be compressing faster than many expected. If a single researcher with well-orchestrated AI agents can uncover chainable RCE-to-root flaws in a ubiquitous service, the volume of AI-discovered vulnerabilities arriving at enterprise patch queues is set to increase sharply.
What Enterprises Should Do Now
The practical implications are immediate. Organizations running CUPS should disable the cups-browsed service on any system that does not require network printing and monitor for the official patched release. [2: CUPS Vulnerability Chain Enables Remote Attacker to Execute Malicious Code] More broadly, the CUPS case reinforces the defensive priorities that analysts have been emphasizing since the Mythos announcement:
- Inventory rigor - You cannot patch what you do not know you run. AI-discovered vulnerabilities will arrive faster than quarterly asset scans can track.
- Patch velocity - The window between disclosure and exploitation is narrowing. Measure and reduce your critical-patch deployment time.
- Segmentation - Assume that exploitation cost is dropping. Contain blast radius through aggressive network segmentation, especially for legacy services like print servers.
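The cups-browsed and version advice above can be checked per host with a short script. This is an added example, not code from the article or the CUPS project; the version sources it tries (cups-config, the cups-daemon and cups package names) are assumptions about the host. A version above 2.4.16 only means the host is outside the range the article names, and distributions may backport fixes without changing the upstream version.

```shell
#!/usr/bin/env bash
# Added example: audit one host against the two data points in the article.
AFFECTED_MAX="2.4.16"   # from the article: "CUPS 2.4.16 or older"

# Reduce a package version to its upstream part: "1:2.4.7-1.2ubuntu7" -> "2.4.7".
upstream_version() {
  local v="${1#*:}"            # drop a Debian epoch if present
  v="${v%%-*}"                 # drop the distro revision
  printf '%s\n' "${v%%[!0-9.]*}"
}

# Exit 0 if the version is <= AFFECTED_MAX, 1 if newer, 2 if unparseable.
cups_in_affected_range() {
  local v
  v="$(upstream_version "$1")"
  [ -n "$v" ] || return 2
  [ "$(printf '%s\n%s\n' "$v" "$AFFECTED_MAX" | sort -V | tail -n 1)" = "$AFFECTED_MAX" ]
}

# Map systemctl's is-enabled / is-active answers to one exposure label.
browsed_state() {
  case "$1/$2" in
    */active)  echo "running" ;;
    enabled/*) echo "enabled-at-boot" ;;
    *)         echo "off" ;;
  esac
}

audit_host() {
  local ver state
  # Version sources are assumptions; use whichever your distro provides.
  ver="$(cups-config --version 2>/dev/null ||
         dpkg-query -W -f='${Version}' cups-daemon 2>/dev/null ||
         rpm -q --qf '%{VERSION}' cups 2>/dev/null)" || true
  state="$(browsed_state "$(systemctl is-enabled cups-browsed 2>/dev/null)" \
                         "$(systemctl is-active cups-browsed 2>/dev/null)")"
  cups_in_affected_range "$ver"
  case $? in
    0) echo "CUPS $ver: in the affected range (<= $AFFECTED_MAX)" ;;
    1) echo "CUPS $ver: newer than the range named in the article" ;;
    *) echo "CUPS version not determined" ;;
  esac
  echo "cups-browsed: $state"
  [ "$state" = "off" ] || echo "if no network printing is needed: systemctl disable --now cups-browsed"
}

# Run the live audit only when asked, so the functions can be sourced and tested.
if [ "${1:-}" = "--audit" ]; then audit_host; fi
```

Run it with `--audit` on the host being checked; without the flag it only defines the functions.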
Looking Ahead
The CUPS discovery is a data point, not an endpoint. As AI vulnerability-scanning tools become more accessible, the industry faces a structural shift: the rate of vulnerability discovery will outpace many organizations' ability to remediate. Anthropic has committed up to $100 million in Mythos Preview usage credits and $4 million in direct donations to open-source security organizations through Project Glasswing. [4: Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems, The Hacker News] That investment buys time, but as the CUPS case shows, the capability is already diffusing beyond any single company's control. The organizations that treat this as a patch-velocity and segmentation problem - starting now - will be better positioned than those waiting for the next headline.
Image: towel.studio / Unsplash
