AI Agent Autonomously Hacks FreeBSD Kernel in Four Hours — CVE-2026-4747

Summary

In a development that should make every security team sit up and pay attention, an AI agent powered by Anthropic’s Claude has autonomously developed working exploits for a critical FreeBSD kernel vulnerability (CVE-2026-4747) — a stack buffer overflow in FreeBSD’s RPCSEC_GSS module — in approximately four hours of compute time.

The AI didn’t just write exploit code. It set up its own testing environments using QEMU, developed ROP chains, debugged issues independently, and produced two fully functional remote root exploits. Nicholas Carlini of Anthropic’s Frontier Red Team documented the process, which compressed what would typically take weeks of specialized human effort into hours of compute. The exploit can compromise unpatched servers in under a minute.

FreeBSD patched CVE-2026-4747 on March 26, 2026 with a single bounds check before the affected memory copy operation.

Source

Original reporting by Forbes and WinBuzzer. Technical writeup at Calif.io.

Commentary

This isn’t a parlor trick. We’ve crossed from “AI helps find bugs” to “AI autonomously weaponizes kernel-level vulnerabilities.” The fact that it handled the full kill chain — environment setup, exploit development, debugging, and weaponization — without human intervention is a qualitative shift in the offensive threat landscape.

The implications for defense are stark: patch windows just got a lot more dangerous. If an AI can go from CVE disclosure to working root exploit in four hours, the traditional timeline of “we’ll patch next maintenance window” is increasingly untenable. Every unpatched box is now a race condition against compute, not human skill.