AI Agent Finds 21 FFmpeg Zero-Days for $1,000 — Chrome 149 Patches Record 429 Bugs

An AI agent just did what would take a skilled security researcher months — and it cost $1,000.
Security startup depthfirst ran an autonomous AI agent against FFmpeg, the media processing library embedded in virtually every video call platform, streaming service, and recording tool. The agent scanned 1.5 million lines of C code and found 21 confirmed zero-days, each with a working proof of concept. The oldest bug dates to 2003 — undetected for 23 years.
The most severe finding: a single 183-byte network packet achieves full remote code execution via a heap overflow in the AV1 decoder. No authentication required. Nine CVEs have been assigned (CVE-2026-39210 through CVE-2026-39218).
In the same week, Chrome 149 shipped fixes for 429 vulnerabilities — the largest single-release patch in Chrome’s history — including CVE-2026-10881 (CVSS 9.6, sandbox escape, $97,000 bug bounty) and CVE-2026-11645 (V8 memory flaw, already exploited in the wild, CISA KEV).
The attacker’s math is simple: run this against the next target for $1,000, sell a working exploit for $100,000+. The question is not whether attackers have AI-assisted discovery. They do. The question is what you are doing about it.
Three things to check: Audit every system that processes user-supplied media; if FFmpeg is in the stack, update immediately. Push Chrome 149 across all managed endpoints now. If your patch window is 30 days, revisit the assumption that your compensating controls hold for that long.
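The audit step is harder than it sounds: most products that embed FFmpeg link libavcodec statically, so a package-manager query for "ffmpeg" misses them. The script below is an added example, not code from the article, from depthfirst, or from the FFmpeg project. It assumes that libavcodec embeds its ident string of the form "Lavc<major>.<minor>.<micro>" (LIBAVCODEC_IDENT from libavcodec/version.h) in any binary that contains the library, that POSIX tools plus grep -o and find are available, and that MIN_FIXED_VERSION is a placeholder you replace with the libavcodec version you have confirmed carries the fix for your build; the article does not state a fixed version, so the default is deliberately impossible and flags everything.

```shell
#!/bin/sh
# Added example, not code from the article or the FFmpeg project.
# Inventory copies of libavcodec on a Linux host, including statically linked ones,
# by searching executables and shared objects for the embedded "Lavc<ver>" ident.
# Assumption: LIBAVCODEC_IDENT survives in the binary (it usually does, as it is
# written into container metadata by muxers); LTO or stripping could remove it.

# Placeholder: replace with the libavcodec version your vendor advisory names as fixed.
MIN_FIXED_VERSION="${MIN_FIXED_VERSION:-999.0.0}"

# Print each unique Lavc ident found in the bytes on stdin, one per line.
lavc_idents() {
    grep -ao 'Lavc[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*' | sort -u
}

# Return 0 if dotted version $1 is strictly older than $2 (numeric per component).
version_older() {
    [ "$1" = "$2" ] && return 1
    first=$(printf '%s\n%s\n' "$1" "$2" | sort -t. -k1,1n -k2,2n -k3,3n | head -n1)
    [ "$first" = "$1" ]
}

# Classify one ident against MIN_FIXED_VERSION: "<ident> OUTDATED" or "<ident> ok".
classify_ident() {
    ver="${1#Lavc}"
    if version_older "$ver" "$MIN_FIXED_VERSION"; then
        printf '%s OUTDATED\n' "$1"
    else
        printf '%s ok\n' "$1"
    fi
}

# Walk a directory tree and report every executable or shared object that embeds
# libavcodec, with the version found and whether it is older than the fixed one.
inventory_ffmpeg() {
    root="${1:-/usr}"
    find "$root" -xdev -type f \( -perm -u+x -o -name '*.so*' \) 2>/dev/null |
    while IFS= read -r f; do
        idents=$(lavc_idents < "$f") || continue
        [ -n "$idents" ] || continue
        for id in $idents; do
            printf '%s\t' "$f"
            classify_ident "$id"
        done
    done
}

# Stand-alone usage: sh inventory.sh --run /usr   (also scan /opt for vendor-bundled tools)
if [ "${1:-}" = "--run" ]; then
    inventory_ffmpeg "${2:-/usr}"
fi
```

Run it against every mount that holds application code, not just /usr: container images and vendor-installed tools under /opt are where the static copies usually live. A hit with no matching package is the case the article warns about, because no distribution update will ever touch it; that copy has to be rebuilt or replaced by whoever ships the product.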
For those who want a deeper dive into this topic:

