CyberSecurityBoardThreat Intel · CVEs · Products
Cyber News

Anthropic Restores Claude Fable 5 After U.S. Lifts Jailbreak-Linked Export Controls

July 1, 2026

Anthropic has restored its Claude Fable 5 AI model worldwide after the U.S. Commerce Department lifted export controls imposed on June 12, 2026. The controls were triggered by a jailbreak discovered by Amazon researchers that allowed the model to bypass safety rules and flag software flaws, including writing exploit code. Anthropic downplayed the severity, noting similar vulnerabilities exist in other models like Claude Opus 4.8, OpenAI’s GPT-5.5, and China’s Kimi K2.7.

To address concerns, Anthropic trained a new safety classifier that blocks the specific jailbreak technique in over 99% of attempts, redirecting blocked requests to the weaker Opus 4.8. The more restricted Mythos 5 model remains limited to about 100 U.S. companies and federal agencies defending critical infrastructure, with wider access under negotiation.

Commerce Secretary Howard Lutnick approved the reversal after a two-week review. Anthropic agreed to proactively hunt for security issues, coordinate future launches, and report malicious use. The incident highlighted ongoing tensions between AI safety and competition, especially as Chinese open-source models gain ground. Anthropic is proposing a shared industry framework to rank jailbreak severity based on capability gain, breadth, ease of weaponization, and discoverability. It also launched a HackerOne program for reporting Fable 5 jailbreaks and promised earlier government access to future models.

The broader context includes a June 2 executive order creating a voluntary review path for frontier models, but the use of export controls underscores the lack of a binding process for rapid government action on AI safety.

CVEs: CVE-2026-20245

Companies: Anthropic, Amazon, OpenAI, Microsoft, Google, HackerOne

Products: Claude Fable 5, Claude Opus 4.8, GPT-5.5, Kimi K2.7, Mythos 5, Claude.ai, Claude Platform, Claude Code, Claude Cowork