Post
HIGH

Autonomous AI Agent Finds 21 Zero-Days in FFmpeg; Chrome 149 Patches Record 429 Bugs

· zero-day · llm · vulnerability · cve · google

A security startup’s autonomous AI agent discovered 21 previously unknown vulnerabilities in FFmpeg, the media-processing library embedded in browsers, streaming servers, video players, and mobile devices. The findings are a notable milestone for AI-assisted vulnerability discovery at scale in production C codebases. Separately, Google shipped Chrome 149 with 429 security patches — the highest single-release count in Chrome history; only the FFmpeg bugs were AI-found. Organizations relying on FFmpeg should monitor for patches and audit deployed versions across their stack. The AI-assisted discovery angle signals that large, well-audited open source libraries are no longer safe from systematic automated review.