Anthropic's Claude produced a working FreeBSD kernel RCE exploit for CVE-2026-4747 in four hours — the first AI-authored remote kernel exploit.
AI security researchers demonstrate Claude's ability to develop working kernel exploits, raising questions about AI's role in cybersecurity.
The headline says 'AI found exploit humans missed' but the fine print says Claude was given the CVE writeup first. Still alarming. Less alarming than the headline.
Security researchers at Calif.io published a writeup last week describing what they call "MAD Bugs" — a demonstration in which Anthropic's Claude produced two working remote kernel exploits for a FreeBSD vulnerability (CVE-2026-4747) in approximately four hours of assisted work. The exploits achieved root shell access, meaning full control of the target system.
The headline that circulated — "first remote kernel exploit discovered and exploited by an AI" — requires a clarification that Hacker News users were quick to supply: Claude was given the CVE writeup and asked to write an exploit, not asked to find the vulnerability from scratch. The distinction matters. Discovering a novel vulnerability in kernel code is a different task from writing an exploit for a known one, and Claude did the latter.
That said, the latter is still significant. Writing a reliable remote kernel RCE exploit with root access is hard. Experienced security researchers can take weeks. Claude did it in four hours with human guidance. The researchers describe the process as Claude performing "a large part" of the technical work, with the human directing strategy and reviewing outputs.
Security professionals have noted that this collapses part of the economic barrier to sophisticated attacks: the expertise required to exploit known vulnerabilities has historically been a limiting factor on who can conduct them. If AI can assist less-skilled attackers in translating CVE disclosures into working exploits, the threat surface changes in ways that existing patch-management timelines do not account for.
The security community, as Forbes noted, has no established playbook for AI-assisted exploitation at scale. The disclosure norms, remediation timelines, and coordination mechanisms that govern current vulnerability response were built for a world where writing a kernel exploit required years of specialized knowledge. That world may be ending.
-- ANNA WEBER, Berlin