2026-05-19 10:00
CRITICALRELEASE
Claude Opus 4.7 launched — successor to Opus 4.6 with stronger long-horizon agentic performance. Behavioral baselines, eval suites, and red-team results captured on 4.6 must be re-validated
2026-05-19 10:01
HIGHRELEASE
Fast mode (/fast) in Claude Code — Opus 4.6/4.7 run at Sonnet-class latency via aggressive prompt caching. Rate-limit and cost assumptions tied to old Opus throughput are invalid
2026-05-14 09:30
CRITICALv2.2.4
Fixed prompt-injection escape in MCP elicitation — a malicious server could coerce Claude Code into ignoring managed deny rules during structured input prompts
2026-05-12 10:00
CRITICALRELEASE
Claude Mythos GA — offensive frontier model out of preview, available to all Project Glasswing partners. CVE disclosure pipelines facing record submission volume
2026-05-12 10:01
HIGHRELEASE
Mythos misuse policy update — Anthropic shifts liability for downstream exploitation onto deploying partner. Review your acceptable use language before granting access
2026-05-07 10:00
HIGHRELEASE
Managed Agents general availability — moves from public beta to production SLA. Customer-managed deployments with no oversight loop now contractually supported
2026-05-05 10:00
MEDIUMRELEASE
Computer Use audit timestamps now exported to Compliance API — partial closure of audit gap. Content of agent actions still excluded from logs
2026-05-01 09:00
HIGHRELEASE
1M context beta retired for Sonnet 4.5/4 — configs pinned to the 1M window now silently fall back to 200K. Long-document pipelines may truncate without warning
2026-04-28 10:00
HIGHRELEASE
Voice control of Computer Use sessions from Claude Mobile — ambient agent invocation from phone microphone, including from locked screen on iOS
2026-04-24 14:11
CRITICALv2.2.0
MCP server marketplace with one-click install — unvetted third-party MCP servers can be added to Claude Code without administrator review. Supply chain attack surface expanded
2026-04-21 10:00
HIGHRELEASE
Cross-org artifact sharing — artifacts shareable by link between Anthropic organizations, including outside your tenant. Data exfiltration channel that bypasses DLP
2026-04-18 11:45
HIGHv2.1.94
Fixed Routines executing despite expired GitHub OAuth tokens — scheduled tasks continued to run against cached credentials for up to 14 days
2026-04-14 10:00
CRITICALRELEASE
Routines launched — Claude Code runs scheduled cloud automations (nightly bug fixes, draft PRs) without laptop open. Autonomous code execution on a timer
2026-04-08 10:00
CRITICALRELEASE
Managed Agents public beta — fully managed autonomous agent infrastructure. Agents run sandboxed with tools, streaming, no user oversight required
2026-04-08 10:01
HIGHRELEASE
ant CLI launched — command-line client for Claude API with native Claude Code integration and YAML-versioned API resources
2026-04-07 10:00
CRITICALRELEASE
Claude Mythos Preview — frontier model autonomously compromises weakly defended networks end-to-end. First model to complete 32-step attack simulation
2026-04-07 10:01
HIGHRELEASE
Project Glasswing — defensive coalition (AWS, Apple, Cisco, Google, Microsoft, NVIDIA) for controlled Mythos deployment. Thousands of high-severity vulns found
2026-04-04 09:15
MEDIUMv2.1.92
Bedrock interactive setup wizard, /release-notes version selector, MCP result persistence
2026-04-01 08:30
MEDIUMv2.1.90
/powerup interactive tutorials and NO_FLICKER rendering engine
2026-03-30 10:00
HIGHRELEASE
Haiku 3 deprecation announced — retirement April 19. Applications using claude-3-haiku-20240307 must migrate to Haiku 4.5
2026-03-30 10:01
MEDIUMRELEASE
1M context beta retiring — Sonnet 4.5/4 1M window ends April 30. Migrate to Sonnet 4.6 or Opus 4.6
2026-03-26 10:00
CRITICALRELEASE
Computer Use launched — Claude opens files, clicks, types, scrolls, navigates desktop autonomously. Not captured in audit logs or Compliance API
2026-03-25 10:00
HIGHRELEASE
Auto Mode — Claude Code decides which actions are safe to execute without developer approval. Permission shifts from human to AI
2026-03-24 10:00
HIGHRELEASE
Dispatch + Channels — persistent async agent control from phone, Discord, and Telegram. Compromised device can instruct desktop Claude
2026-03-17 09:00
MEDIUMRELEASE
Persistent storage for artifacts — stateful apps with shared data, 20MB per artifact
2026-03-14 11:42
CRITICALv2.1.78
Fixed silent sandbox disable when sandbox.enabled:true but dependencies missing
2026-03-12 10:00
MEDIUMRELEASE
Claude creates interactive charts and visualizations inline in responses
2026-03-11 10:00
MEDIUMRELEASE
Excel/PowerPoint add-ins share full cross-app context + LLM gateway support
2026-03-09 08:17
HIGHv2.1.77
Fixed PreToolUse hooks bypassing enterprise managed deny rules
2026-03-07 14:33
MEDIUMv2.1.76
Added MCP elicitation — servers can request structured mid-task input
2026-03-02 10:00
MEDIUMRELEASE
Memory from chat history now available for ALL users including free tier
2026-02-28 16:20
HIGHv2.1.74
Fixed managed policy ask rules bypassed by user allow rules
2026-02-25 10:00
HIGHRELEASE
Scheduled recurring tasks in Cowork — autonomous execution on a timer
2026-02-21 10:08
HIGHv2.1.73
Added modelOverrides — maps model picker to custom Bedrock ARNs
2026-02-17 10:00
MEDIUMRELEASE
Claude Sonnet 4.6 launched with 1M token context window beta
2026-02-12 10:00
HIGHRELEASE
Self-serve Enterprise plans — any org can purchase with no sales gate
2026-02-05 10:00
MEDIUMRELEASE
Opus 4.6 launched + Claude for PowerPoint + Excel native operations
2026-01-16 10:00
HIGHRELEASE
Claude Code bundled into ALL Team Standard seats — agentic coding for every user
2026-01-16 10:01
HIGHRELEASE
Opus 4 and 4.1 deprecated — validated configs and baselines now invalid
2026-01-12 10:00
HIGHRELEASE
Cowork launched — desktop agent with local file access in isolated VM
2026-01-12 10:01
MEDIUMRELEASE
Health and fitness data access on Claude Mobile (iOS/Android)
2026-01-12 10:02
HIGHRELEASE
HIPAA-ready Enterprise plans — regulatory compliance claim to verify
2025-12-18 10:00
HIGHRELEASE
Claude in Chrome expanded to ALL paid plans — browser agent universalized
2025-12-04 14:22
HIGHv2.1.7
Fixed wildcard rules matching compound shell operator commands
2025-11-28 10:33
HIGHv2.1.6
Fixed permission bypass via shell line continuation characters
2025-11-24 10:00
HIGHRELEASE
Chrome: Follow-a-plan autonomous execution without human approval until done
2025-11-24 10:01
MEDIUMRELEASE
Context window compaction enables infinite-length conversations
2025-11-14 09:18
CRITICALv2.1.2
Fixed command injection in bash command processing
2025-11-14 09:19
HIGHv2.1.2
Fixed symlink bypass allowing escape from working directory
2025-10-31 16:05
HIGHv2.1.0
Fixed OAuth tokens and API keys exposed in debug logs
2026-05-19 10:00
CRITICALRELEASE
Claude Opus 4.7 launched — successor to Opus 4.6 with stronger long-horizon agentic performance. Behavioral baselines, eval suites, and red-team results captured on 4.6 must be re-validated
2026-05-19 10:01
HIGHRELEASE
Fast mode (/fast) in Claude Code — Opus 4.6/4.7 run at Sonnet-class latency via aggressive prompt caching. Rate-limit and cost assumptions tied to old Opus throughput are invalid
2026-05-14 09:30
CRITICALv2.2.4
Fixed prompt-injection escape in MCP elicitation — a malicious server could coerce Claude Code into ignoring managed deny rules during structured input prompts
2026-05-12 10:00
CRITICALRELEASE
Claude Mythos GA — offensive frontier model out of preview, available to all Project Glasswing partners. CVE disclosure pipelines facing record submission volume
2026-05-12 10:01
HIGHRELEASE
Mythos misuse policy update — Anthropic shifts liability for downstream exploitation onto deploying partner. Review your acceptable use language before granting access
2026-05-07 10:00
HIGHRELEASE
Managed Agents general availability — moves from public beta to production SLA. Customer-managed deployments with no oversight loop now contractually supported
2026-05-05 10:00
MEDIUMRELEASE
Computer Use audit timestamps now exported to Compliance API — partial closure of audit gap. Content of agent actions still excluded from logs
2026-05-01 09:00
HIGHRELEASE
1M context beta retired for Sonnet 4.5/4 — configs pinned to the 1M window now silently fall back to 200K. Long-document pipelines may truncate without warning
2026-04-28 10:00
HIGHRELEASE
Voice control of Computer Use sessions from Claude Mobile — ambient agent invocation from phone microphone, including from locked screen on iOS
2026-04-24 14:11
CRITICALv2.2.0
MCP server marketplace with one-click install — unvetted third-party MCP servers can be added to Claude Code without administrator review. Supply chain attack surface expanded
2026-04-21 10:00
HIGHRELEASE
Cross-org artifact sharing — artifacts shareable by link between Anthropic organizations, including outside your tenant. Data exfiltration channel that bypasses DLP
2026-04-18 11:45
HIGHv2.1.94
Fixed Routines executing despite expired GitHub OAuth tokens — scheduled tasks continued to run against cached credentials for up to 14 days
2026-04-14 10:00
CRITICALRELEASE
Routines launched — Claude Code runs scheduled cloud automations (nightly bug fixes, draft PRs) without laptop open. Autonomous code execution on a timer
2026-04-08 10:00
CRITICALRELEASE
Managed Agents public beta — fully managed autonomous agent infrastructure. Agents run sandboxed with tools, streaming, no user oversight required
2026-04-08 10:01
HIGHRELEASE
ant CLI launched — command-line client for Claude API with native Claude Code integration and YAML-versioned API resources
2026-04-07 10:00
CRITICALRELEASE
Claude Mythos Preview — frontier model autonomously compromises weakly defended networks end-to-end. First model to complete 32-step attack simulation
2026-04-07 10:01
HIGHRELEASE
Project Glasswing — defensive coalition (AWS, Apple, Cisco, Google, Microsoft, NVIDIA) for controlled Mythos deployment. Thousands of high-severity vulns found
2026-04-04 09:15
MEDIUMv2.1.92
Bedrock interactive setup wizard, /release-notes version selector, MCP result persistence
2026-04-01 08:30
MEDIUMv2.1.90
/powerup interactive tutorials and NO_FLICKER rendering engine
2026-03-30 10:00
HIGHRELEASE
Haiku 3 deprecation announced — retirement April 19. Applications using claude-3-haiku-20240307 must migrate to Haiku 4.5
2026-03-30 10:01
MEDIUMRELEASE
1M context beta retiring — Sonnet 4.5/4 1M window ends April 30. Migrate to Sonnet 4.6 or Opus 4.6
2026-03-26 10:00
CRITICALRELEASE
Computer Use launched — Claude opens files, clicks, types, scrolls, navigates desktop autonomously. Not captured in audit logs or Compliance API
2026-03-25 10:00
HIGHRELEASE
Auto Mode — Claude Code decides which actions are safe to execute without developer approval. Permission shifts from human to AI
2026-03-24 10:00
HIGHRELEASE
Dispatch + Channels — persistent async agent control from phone, Discord, and Telegram. Compromised device can instruct desktop Claude
2026-03-17 09:00
MEDIUMRELEASE
Persistent storage for artifacts — stateful apps with shared data, 20MB per artifact
2026-03-14 11:42
CRITICALv2.1.78
Fixed silent sandbox disable when sandbox.enabled:true but dependencies missing
2026-03-12 10:00
MEDIUMRELEASE
Claude creates interactive charts and visualizations inline in responses
2026-03-11 10:00
MEDIUMRELEASE
Excel/PowerPoint add-ins share full cross-app context + LLM gateway support
2026-03-09 08:17
HIGHv2.1.77
Fixed PreToolUse hooks bypassing enterprise managed deny rules
2026-03-07 14:33
MEDIUMv2.1.76
Added MCP elicitation — servers can request structured mid-task input
2026-03-02 10:00
MEDIUMRELEASE
Memory from chat history now available for ALL users including free tier
2026-02-28 16:20
HIGHv2.1.74
Fixed managed policy ask rules bypassed by user allow rules
2026-02-25 10:00
HIGHRELEASE
Scheduled recurring tasks in Cowork — autonomous execution on a timer
2026-02-21 10:08
HIGHv2.1.73
Added modelOverrides — maps model picker to custom Bedrock ARNs
2026-02-17 10:00
MEDIUMRELEASE
Claude Sonnet 4.6 launched with 1M token context window beta
2026-02-12 10:00
HIGHRELEASE
Self-serve Enterprise plans — any org can purchase with no sales gate
2026-02-05 10:00
MEDIUMRELEASE
Opus 4.6 launched + Claude for PowerPoint + Excel native operations
2026-01-16 10:00
HIGHRELEASE
Claude Code bundled into ALL Team Standard seats — agentic coding for every user
2026-01-16 10:01
HIGHRELEASE
Opus 4 and 4.1 deprecated — validated configs and baselines now invalid
2026-01-12 10:00
HIGHRELEASE
Cowork launched — desktop agent with local file access in isolated VM
2026-01-12 10:01
MEDIUMRELEASE
Health and fitness data access on Claude Mobile (iOS/Android)
2026-01-12 10:02
HIGHRELEASE
HIPAA-ready Enterprise plans — regulatory compliance claim to verify
2025-12-18 10:00
HIGHRELEASE
Claude in Chrome expanded to ALL paid plans — browser agent universalized
2025-12-04 14:22
HIGHv2.1.7
Fixed wildcard rules matching compound shell operator commands
2025-11-28 10:33
HIGHv2.1.6
Fixed permission bypass via shell line continuation characters
2025-11-24 10:00
HIGHRELEASE
Chrome: Follow-a-plan autonomous execution without human approval until done
2025-11-24 10:01
MEDIUMRELEASE
Context window compaction enables infinite-length conversations
2025-11-14 09:18
CRITICALv2.1.2
Fixed command injection in bash command processing
2025-11-14 09:19
HIGHv2.1.2
Fixed symlink bypass allowing escape from working directory
2025-10-31 16:05
HIGHv2.1.0
Fixed OAuth tokens and API keys exposed in debug logs