HackMyIP
2026-06-06 The Hacker News

AI Agent Finds 21 FFmpeg Zero-Days as Chrome 149 Patches Record 429 Bugs

Zero-Day, Vulnerability, AI Security

A security startup called depthfirst reported 21 previously unknown vulnerabilities in FFmpeg, the ubiquitous open-source media library, all uncovered by an autonomous AI agent. The agent scanned the project's roughly 1.5 million lines of C code and produced reproducible proof-of-concept exploits for each flaw, reportedly at a cost of around $1,000 per run. Several bugs had been latent for 15 to 20 years, including a stack overflow in the service-description-table code dating back to 2003 that sat untouched for 23 years. The vulnerabilities are predominantly heap and stack overflows in parsers and demuxers, spanning components from the TS demuxer to the VP9 decoder. Nine carry CVE identifiers (CVE-2026-39210 through CVE-2026-39218), with the remainder fixed but not yet numbered. Organizations processing video through FFmpeg should prioritize deploying patched builds immediately and audit their media pipelines; a quick port scanner check can help identify exposed services that depend on vulnerable FFmpeg versions.

In a separate development, Google shipped Chrome 149 with fixes for 429 security vulnerabilities, the highest count in a single release. Over 100 are rated critical or high severity, predominantly use-after-free and insufficient input validation flaws. The most severe, CVE-2026-10881 with a CVSS score of 9.6, is an out-of-bounds read and write in the ANGLE graphics engine that allows a crafted page to escape the browser sandbox and execute code on the host. Google paid $97,000 for that report. Notably, most of the high-severity bugs were discovered internally: of roughly 90 high-severity findings, only 10 came from external researchers, and 19 of 22 critical bugs were Google's own work. Users should verify their browser is updated and check that endpoints are properly secured with tools like our SSL/TLS checker to ensure encrypted traffic integrity.

The AI connection is clearer on the FFmpeg side. Google hasn't attributed Chrome's 429 bugs to AI, instead pointing to its April bounty program overhaul, which now requests concise reproducers over lengthy writeups after a flood of AI-generated submissions. Still, the trend is consistent: Google's Big Sleep agent previously reported FFmpeg bugs (now tagged BIGSLEEP on the project's security page), and Anthropic's Mythos model extracted a 16-year-old H.264 flaw and others from FFmpeg for approximately $10,000, with three shipping in FFmpeg 8.1. Days before this report, another autonomous tool uncovered an authenticated RCE in Redis that had been present since version 7.2.0, unnoticed for over two years. A February study further demonstrated an agent reproducing working exploits for more than half of 100 real Linux kernel N-day bugs, outperforming traditional fuzzing. As AI accelerates vulnerability discovery on both sides, defenders can stay proactive by running a privacy checkup and monitoring their attack surface for newly disclosed CVEs.

Source: The Hacker News
