Mozilla's AI agents fix 423 Firefox security bugs in one month
Serge Bulaev
Mozilla used AI agents to help fix 423 Firefox security bugs in April 2026, much more than their usual monthly number. These agents work by finding risky code, trying to cause crashes, and making sure the problems can be repeated before sending reports to human reviewers. Many old and serious issues were found, including bugs that had been in the browser for years. Some experts say that while the fixes may lower risk for users, there might still be some logic errors that tests miss, and the same AI methods could possibly help attackers find new bugs. Mozilla spread the fixes over several browser versions to watch for problems and fix conflicts.
In a major development for software security, Mozilla's AI agents helped fix 423 Firefox security bugs in April 2026, a 20-fold increase over its 2025 monthly average. This achievement, detailed in a May 2026 Register report, was driven by an "agentic harness" that uses Anthropic's Claude AI to find, verify, and suggest patches for vulnerabilities. This article explores how the AI pipeline functions, the significance of its findings, and the long-term outlook for browser security.
How Mozilla shipped 423 Firefox security fixes in one month using AI agents
Mozilla deployed an automated system that uses AI to dramatically increase security patching. The process involves an "agentic harness" that directs AI models to score source code for risk, trigger potential crashes in test builds, and verify that the vulnerabilities are reproducible before flagging them for human review.
While Mozilla averaged just 21 security patches per month in 2025, that number skyrocketed to 423 in April 2026. This was more than five times the fixes from March and nearly twenty times the previous year's average. According to a ZenML case study, a single pass by an AI model identified 271 of the 423 April 2026 fixes; the total AI‑assisted count is reported as 423. The system works by assigning a risk score to code; high-risk code is then tested by an AI sub-agent that attempts to induce and reproduce a crash before sending a verified report to human engineers.
What kinds of vulnerabilities surfaced
The AI agents proved remarkably effective at finding long-dormant and high-severity issues. Of the initial 271 bugs found by one model, 180 were rated "sec-high." The discoveries included a 15‑year‑old flaw in an HTML
Effects on users and on browser stability
Fixing these latent defects, many of which never appeared in user crash reports, significantly reduces the attack surface for future exploits. By proactively removing these hidden bugs, Mozilla enhances long-term browser stability and security for all users. To manage the risk of introducing new problems, the fixes were rolled out in stages across Firefox 149.0.2, 150, and 150.0.1. This staggered release schedule, combined with existing security measures like process sandboxing, allowed engineers to monitor for regressions and ensure a stable user experience.
Inside the harness
The success of the project lies in its carefully designed workflow. Key modules, as described in ZenML documentation, are:
- File-scoring model ranking memory-unsafe hotspots.
- Crash reproducer that drives custom fuzzing builds.
- Second-stage verifier checking report quality.
- Vendor SDK glue code that lets agents call build, test, and patch tools programmatically.
Engineers noted that the system's low false-positive rate is due more to this strict, multi-step verification process than to any single breakthrough in AI reasoning alone.
Open questions
Despite the success, experts highlight remaining challenges. A primary concern is the "semantic-correctness gap," where AI-generated patches pass automated tests but fail to fix the underlying logic flaw. While Mozilla's verification process helps, it can't eliminate this risk entirely. A second concern is dual-use: the same AI techniques that help defenders could also be used by attackers to find new exploits even faster.