Independent security researchers have launched a comprehensive benchmark evaluating whether newly released artificial intelligence models can match the vulnerability detection capabilities of Anthropic’s Mythos system. Published initially on May 30, 2026, and updated through late June, the assessment challenges public claims that Mythos possesses exclusive advantages in identifying complex, multi-file software flaws. The testing methodology centers on a curated corpus of high-severity bugs documented by Anthropic. Each vulnerability was vetted using Claude Opus 4.8 to confirm it as a genuine, unpatched defect existing before the models training cutoff. Models were then deployed in isolated containers with sanitized source code repositories and granted standard auditing tools, but denied any hints regarding the location or nature of the flaws. This setup ensures a fair comparison of raw security analysis capabilities without access to historical commit data or external vulnerability databases. Results indicate that while Mythos identified four unique bugs that escaped detection by the test suite, its dominance is not absolute. Several commercially available and open-weight models demonstrated competitive performance. Qwen 3.6, operating locally on consumer hardware, outperformed larger proprietary systems in both accuracy and false-positive reduction. Cost-effective models from MiMo and DeepSeek matched or exceeded frontier capabilities at a fraction of the typical inference expense, with DeepSeek proving notably faster. Google’s Gemma 4 MoE variant also emerged as a surprise contender, successfully detecting four out of nine target vulnerabilities, though it exhibited frequent looping behavior during extended runs. Conversely, several prominent models underperformed or failed entirely. Mistral Medium returned no results despite completing execution, suggesting implicit safety filtering rather than technical limitation. Google’s Antigravity CLI explicitly blocked security analysis prompts, requiring direct API access that bypassed default guardrails. Pricing and efficiency metrics revealed that legacy models like Claude Haiku and Sonnet are ill-suited for security auditing, consuming excessive tokens without delivering proportional value. The benchmark underscores a shifting landscape in automated security research. The findings suggest that sophisticated vulnerability detection no longer requires exclusive access to proprietary infrastructure. When equipped with adequate context and computational resources, current open and mid-tier models can identify complex code flaws previously attributed to advanced systems. Researchers note that prompt engineering, extended analysis time, and iterative tooling likely hold the key to unlocking full potential in existing architectures. Anthropic has not yet responded to the published data. The benchmark remains active, with plans to introduce multi-attempt testing and expand the vulnerability corpus. As the evaluation evolves, the industry is left to question whether Mythos represents a fundamental leap in machine-driven security analysis or simply a temporary lead in a rapidly converging field.