Claude Code cracks FreeBSD within four hours

Anthropic

For about four hours, Nicholas Carlini worked on FreeBSD supported by Anthropic’s Claude. Carlini states that Claude performed a large part of the work autonomously, from identifying the vulnerability to the finished exploit.

Marc Herter (translated by Nicole Dominikowski), Published 04/04/2026 🇩🇪 🇪🇸 ...

Security researcher Nicholas Carlini, supported by Anthropic’s AI model Claude, identified a vulnerability in the FreeBSD operating system and exploited it within four hours. Claude was also capable of creating a working exploit. The vulnerability has been reported as CVE-2026-4747.

The FreeBSD operating system serves as a foundation for a wide variety of products across many technical sectors. Companies such as IBM, Nokia, Juniper Networks, and NetApp use the system to develop their infrastructures. Parts of Apple's macOS are also based on components from FreeBSD.

In the entertainment industry, elements of FreeBSD can be found in the operating systems of the PlayStation 3, PlayStation 4, and the Nintendo Switch. Additionally, large-scale, network-oriented services like Netflix and WhatsApp rely on the architecture of this system. The vulnerability is located in the RPCSEC_GSS module, which is responsible for Kerberos authentication on NFS servers.

The exploitation utilized a so-called stack buffer overflow. In this process, data is written into a memory area that is not large enough, which can cause adjacent memory areas to be overwritten. Information regarding an upcoming model from Anthropic, named "Mythos," suggests that such exploitations could take place in even less time.

The speed at which vulnerabilities are identified and directly converted into functional exploits is changing the dynamics of IT security. While traditional patch cycles—the period between a security advisory and the installation of an update—can often take weeks in corporate environments, automated exploitation is already operating in the range of hours.

Source(s)

CVE-2026-4747

AI Just Hacked One Of The World's Most Secure Operating Systems | Forbes

Anthropic's next model could be a 'watershed moment' for cybersecurity. Experts say that could also be a concern | CNN

⟨

Casio's new affordable MRW-230H watches with rotating bezel now official

Claude Code leak: IP protection or digital cover-up?

⟩

Add as a preferred source on Google

Read all 6 comments / answer

Loading Comments

Comment on this article

Editor of the original article: Marc Herter - Managing Editor Consumer Laptops - 627 articles published on Notebookcheck since 2021

From an early age I liked to thoroughly examine all kinds of devices to see how they worked, which also involved taking my own devices apart and therefore not always to the delight of my parents. Nevertheless, with my grandfather’s support, I became a computer and electronics tinkerer. With the family PC and Lego Mindstorms, my interested in software and programming took off, and I am currently an engineering program student. I enjoy building all sorts of gadgets with Arduino and 3D printers, and I still like to put electronic devices through their paces. By joining the Notebookcheck editorial team, I have been able to turn my hobby into a profession.

contact me via: Facebook, marc_i_may

Translator: Nicole Dominikowski - Tech Writer - 2826 articles published on Notebookcheck since 2022

I'm passionate about futuristic scenarios and fictional worlds, which is why I love exploring and writing about topics like gaming, AI and AR. To get a better understanding of these areas, I studied design, digital media and art after completing my apprenticeship as a gold and silversmith. In my spare time, I play music and spend a lot of time in nature with my dogs.

contact me via: Bluesky, @nicdominikowski

> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2026 04 > Claude Code cracks FreeBSD within four hours

Marc Herter, 2026-04- 4 (Update: 2026-04- 4)

Source(s)

Related Articles