AI Finds 21 FFmpeg Zero-Days, Chrome Patches 429

Eng. Donya Bino Published  ·  7 min read

Two major security developments arrived this week. A security startup stated that 21 previously unknown vulnerabilities were discovered in FFmpeg (the media library that powers nearly all video-related applications and services in the world), and that all of them were identified by an autonomous AI agent.

In the same week, Google released Chrome 149 with 429 security patches, the highest number ever delivered in a single Chrome release. The FFmpeg bugs were all found by AI, while the record number of Chrome fixes came after Google changed its bounty program to deal with a deluge of AI-generated vulnerability reports.

The methods of discovery differ, but in both cases the speed at which vulnerabilities are being found continues to increase.

The FFmpeg Findings

The FFmpeg findings come from depthfirst, a security startup whose autonomous security agent scanned the project's roughly 1.5 million lines of C code. It produced 21 confirmed zero-days, each with a reproducible proof-of-concept input that triggers the flaw.

The company puts the cost of the entire run at around $1,000, which is remarkably cheap for discovering 21 zero-day vulnerabilities that had been hiding in the codebase for years.

Several of the bugs had been latent for 15 to 20 years. One stack overflow in the service-description-table code dates back to 2003, meaning it sat untouched in the FFmpeg codebase for 23 years before the AI agent found it.

Most of the 21 vulnerabilities are heap overflows or stack overflows in parsers and demuxers, and they span components from the TS demuxer to the VP9 decoder.

Depthfirst says some already carry CVE identifiers. The company's writeup lists nine specific CVEs, CVE-2026-39210 through CVE-2026-39218, and notes that the rest of the vulnerabilities are fixed but not yet numbered. The company also published a proof-of-concept for each vulnerability.

Chrome 149 Record Patch Release

In separate news, Chrome 149 fixes 429 vulnerabilities, a record for a single Chrome release by a very wide margin.

Over 100 of these are classified as critical or high severity, and most of them are use-after-free bugs and insufficient input validation issues that could lead to remote code execution.

The worst vulnerability in Chrome 149 is CVE-2026-10881, which carries a CVSS score of 9.6, just below the maximum of 10.0. It is an out-of-bounds read and write in the ANGLE graphics engine that lets a crafted webpage escape the Chrome sandbox and run arbitrary code on the host operating system.

Google paid $97,000 for this single vulnerability, a payout that reflects its severity and the difficulty of finding it.

The highest-severity bugs were mostly internal finds, though. Of roughly 90 high-severity bugs, only 10 came from outside researchers, and 19 of the 22 critical vulnerabilities were discovered by Google's own security team. The AI connection in Chrome 149 is therefore more about the volume of reports than the authorship of the fixes.

Google's Bounty Overhaul

Google has not directly tied the record 429 patches to AI, but the on-record signal is the bounty overhaul that the company made in April of this year.

The overhaul was prompted by a flood of AI-generated submissions, and Google is now asking researchers to provide a concise reproducer instead of the long writeups that AI tools tend to churn out.

This change is designed to help human triagers keep pace with the volume of reports that AI agents are generating; they were being overwhelmed by the length and detail of those reports.

Other AI Security Findings

This is not the first time AI has found vulnerabilities in FFmpeg, though; it is part of a growing trend.

Google's Big Sleep agent reported a run of FFmpeg bugs last year, and those findings are now visible on the FFmpeg project's security page tagged with the identifier BIGSLEEP.

Anthropic's Mythos model also pulled a 16-year-old H.264 flaw and several others out of FFmpeg for about $10,000, and three of those vulnerabilities shipped in FFmpeg version 8.1, according to Anthropic's own writeup.

Days ago, another autonomous tool found an authenticated remote code execution vulnerability in Redis. The flaw had been present in the Redis codebase since version 7.2.0, which means it went unnoticed for over two years.

In a February study, an autonomous agent reproduced working proof-of-concepts for more than half of 100 real Linux kernel N-day bugs, and the agent beat traditional fuzzing methods in many cases.

The Hard Part

All of this research points in the same direction: AI is making vulnerability discovery faster and cheaper, and the economics of finding bugs have changed dramatically.

Finding these bugs has gotten very cheap, but triaging the reports, shipping the fixes, and getting those fixes installed on end-user systems has not. Much of that work still falls on volunteers and a thin layer of human triagers who are now expected to keep pace with machines that can generate reports around the clock.

The hard part is shifting: the economics of discovery have changed, but the economics of remediation have not, and this imbalance is becoming a major challenge for the security industry.

How to Protect Your Systems

For FFmpeg, pull the fixed upstream build or your distribution's security update as soon as it lands. Prioritize anything that ingests untrusted RTSP or AV1-over-RTP streams, because those are the attack vectors for many of the discovered vulnerabilities.

FFmpeg is widely bundled in media pipelines, Python wheels, container images, and network appliances, so do not stop at system packages. Those embedded copies need patching too, and you should check all the places where FFmpeg might be hiding in your infrastructure.
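One way to start that inventory, as an added example that is not from the original article: a Python script that walks a directory tree and lists files that look like FFmpeg shared libraries or command-line tools, including ones packed inside wheel, zip and jar archives. The filename patterns are assumptions based on FFmpeg's standard library names; statically linked copies are not detected, and the script only locates copies without judging whether they are patched.

```python
import fnmatch
import os
import sys
import zipfile

# Assumption: bundled copies keep FFmpeg's standard library names, possibly with
# a vendoring suffix (e.g. "libavcodec-1a2b3c4d.so.61"). Static links are missed.
LIBS = ("avcodec", "avformat", "avutil", "avfilter", "avdevice", "swscale", "swresample")
PATTERNS = (
    [f"lib{n}*.so*" for n in LIBS]        # Linux shared objects
    + [f"lib{n}*.dylib" for n in LIBS]    # macOS
    + [f"{n}-*.dll" for n in LIBS]        # Windows
    + ["ffmpeg", "ffprobe", "ffmpeg.exe", "ffprobe.exe"]  # CLI tools
)
ARCHIVE_SUFFIXES = (".whl", ".zip", ".jar")  # zip-format containers worth opening


def is_ffmpeg_artifact(name):
    """True if the file name looks like an FFmpeg library or CLI binary."""
    base = os.path.basename(name).lower()
    return any(fnmatch.fnmatchcase(base, p) for p in PATTERNS)


def scan_archive(path):
    """List FFmpeg-looking members of a zip-format archive as 'archive!member'."""
    try:
        with zipfile.ZipFile(path) as zf:
            return [f"{path}!{m}" for m in zf.namelist() if is_ffmpeg_artifact(m)]
    except (zipfile.BadZipFile, OSError):
        return []  # unreadable or not really a zip: skip rather than abort the scan


def find_ffmpeg_copies(root):
    """Walk root (without following symlinks) and return sorted candidate paths."""
    hits = []
    for dirpath, _dirs, files in os.walk(root, followlinks=False):
        for fname in files:
            full = os.path.join(dirpath, fname)
            if is_ffmpeg_artifact(fname):
                hits.append(full)
            elif fname.lower().endswith(ARCHIVE_SUFFIXES):
                hits.extend(scan_archive(full))
    return sorted(hits)


if __name__ == "__main__":
    # Usage: python find_ffmpeg.py /usr /opt /path/to/venv
    for root in sys.argv[1:] or ["."]:
        for hit in find_ffmpeg_copies(root):
            print(hit)
```

For container images, run it against an exported or mounted root filesystem rather than the image archive itself, since layers are tar files that this script does not open.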

For Chrome, update to version 149.0.7827.53 on Linux, or to version 149.0.7827.53 or 149.0.7827.54 on Windows and macOS, or confirm that auto-update has already run on your system. Restart your browser to ensure the update takes effect.

Final Thoughts

The AI-discovered FFmpeg vulnerabilities and the Chrome record patch release arrived within days of each other, and both events point to the same underlying trend: AI is accelerating vulnerability discovery at a pace that the security industry has never seen before.

An autonomous agent scanned 1.5 million lines of C and found 21 zero-days for around $1,000, and Chrome patched 429 bugs in a single release after Google overhauled its bounty program to handle AI-generated reports.

The hard part is shifting. Finding bugs is cheap, but fixing them still requires humans, and those humans are now expected to keep pace with machines that never sleep and never stop generating reports.

Update your FFmpeg libraries, update your Chrome browser, and prepare for more of this, because AI is not slowing down, and neither are the vulnerabilities that AI agents will continue to find in every major software project.

FAQ Section

How many FFmpeg zero-days did the AI agent find?

The autonomous AI agent found 21 confirmed zero-days in FFmpeg, and nine of these have CVE identifiers ranging from CVE-2026-39210 through CVE-2026-39218.

How much did it cost to find the FFmpeg vulnerabilities?

Depthfirst puts the cost of the entire run at around $1,000. Several of the bugs had been latent for 15 to 20 years, with one stack overflow dating back to 2003, which is 23 years ago.

Why did Chrome 149 have a record 429 patches?

Google overhauled its bounty program in April in response to a flood of AI-generated submissions, and the record 429 patches include over 100 critical or high severity vulnerabilities.

What is the most severe vulnerability in Chrome 149?

CVE-2026-10881, with a CVSS score of 9.6, is an out-of-bounds read and write in the ANGLE graphics engine. It lets a crafted webpage escape the Chrome sandbox and run code on the host operating system, and Google paid $97,000 for it.

What is the hard part about AI-discovered vulnerabilities?

Finding bugs has gotten very cheap, but triaging the reports, shipping the fixes, and getting those fixes installed has not, and much of that work still falls on human volunteers and triagers who must now keep pace with machines.

Source: The Hacker News
© 2016 – 2026 Red Secure Tech Ltd. Registered in England and Wales — Company No: 15581067