Security researcher Nicholas Carlini, supported by Anthropic’s AI model Claude, discovers and exploits a vulnerability in the FreeBSD system in just four hours, with the model also successfully creating a powerful exploit. This vulnerability has been registered under the code CVE-2026-4747.
FreeBSD is the foundation of a wide range of products and technical infrastructure. Companies like IBM, Nokia, Juniper Networks, and NetApp rely on it, as well as parts of Apple’s macOS.
The system’s use extends to the entertainment sector, as the PlayStation 3, PlayStation 4, and Nintendo Switch operating systems depend on it, in addition to wide-ranging services such as Netflix and WhatsApp.
The vulnerability lies in the RPCSEC_GSS module responsible for Kerberos authentication on NFS servers, and was exploited through an attack known as “Stack Buffer Overflow,” which allows writing outside the bounds of allocated memory, leading to tampering with adjacent memory areas.
This incident indicates a dangerous acceleration in the world of cybersecurity, as it no longer takes a long time to discover vulnerabilities, but rather they can be turned into hacking tools within hours, while systems update cycles in companies still take weeks.
