But Mythos is not marketed as a tool that can do the same as other tools already available maybe slightly better, but as a revolution.

Sure, but isn't it a verdict on Mythos compared to other models?

If so, it would still follow. "Most software" isn't analyzed as much as curl, by either other tooling or other models, that might well find close to the same as Mythos did. As such, Mythos then isn't especially/particularly dangerous.

I don't think I understand what you mean, the "not particularly dangerous" comment was in relation to the vulnerability that was found right ? Surely they would know what constitutes a lower severity level.

Curl is currently receiving a record number of high-quality bug/vuln reports (a rather sharp change from the earlier slop inundation), so it’s not like there’s nothing to find. Many or most of these are presumably found by human experts assisted by AI tools, but if Mythos were truly revolutionary, it should be able to find such issues on its own.

https://daniel.haxx.se/blog/2026/04/22/high-quality-chaos/, linked from TFA