The attribution for Mastodon's CVE-2026-46349 (CVSS 5.3, retracted boost reissuance) is interestingly reported as: "This security issue has been reported by Doy
A security vulnerability in Mastodon, CVE-2026-46349, with a CVSS score of 5.3, has been disclosed. The vulnerability, related to retracted boost reissuance, was reported by Doyensec in collaboration with Anthropic Research. This collaboration has led to speculation about undisclosed project affiliations, specifically Project Glasswing. AI
IMPACT Speculation around AI collaboration in a software vulnerability disclosure.