US Government Directive Suspends Claude Fable 5 and Mythos 5
A US export control directive targeting foreign nationals led Anthropic to disable Claude Fable 5 and Mythos 5 for all customers on June 12, 2026.
Claude Fable 5 is back. The US government lifted the export controls that took Fable 5 and Mythos 5 offline, and Anthropic restored global access on July 1, 2026, nineteen days after the June 12 suspension. The redeployment comes with an upgraded safety classifier, third-party confirmation of the safeguards, a free-access window for paid plans through July 7, and a new industry framework for judging how severe a jailbreak actually is.

The short version, if you are catching up: Claude Fable 5 and Mythos 5 launched on June 9, 2026, and were suspended three days later under a US export-control directive. We covered the launch in our Fable 5 release breakdown and the shutdown in our suspension explainer. Anthropic's redeployment announcement now fills in the rest of the story.
| Date | Event |
|---|---|
| June 9, 2026 | Fable 5 (safeguarded, general availability) and Mythos 5 (fewer safeguards, Project Glasswing partners only) launch |
| June 12, 2026 | US export controls land after Amazon researchers report a method of bypassing Fable 5's safeguards; Anthropic suspends all access the same day |
| June 26, 2026 | Government approves restoring Mythos 5 for select domestic organizations |
| June 30, 2026 | Export controls lifted; Anthropic announces redeployment plans |
| July 1, 2026 | Fable 5 and Mythos 5 access restored globally |
The trigger, now confirmed, was a report from Amazon researchers: they found a way past Fable 5's safeguards under which the model could identify software vulnerabilities and, in one case, produce code demonstrating exploitation. Because the export controls restricted access by foreign nationals and Anthropic could not verify nationality in real time on shared infrastructure, the company pulled both models for everyone rather than serve them out of compliance.
This is the part of the announcement Anthropic clearly wants on the record. Its testing found that the reported technique exposed nothing unique to Fable 5. Less capable models could replicate the vulnerability identification, including Claude Opus 4.8, GPT-5.5, and Kimi K2.7. And every model tested, from Claude Haiku 4.5 and Sonnet 4.6 through the Opus 4.6 to 4.8 line, GPT-5.4 and 5.5, and Kimi K2.7, could produce the same vulnerability exploitation demonstration.
The reported technique did not expose any unique Mythos-level cyber capabilities... [it] only involved routine defensive cybersecurity work.
Anthropic
That vindicates the position Anthropic staked out on day one of the suspension, when it characterized the finding as a small number of previously known, minor vulnerabilities. If a capability is reachable in every frontier model on the market without any bypass at all, restricting one vendor's model does not remove the capability from the world. It just removes that vendor from the market for nineteen days.
Anthropic still treated the report as real input. It deployed an improved safety classifier targeting the reported bypass technique, which now blocks it in over 99% of cases. The Center for AI Standards and Innovation (CAISI) tested both the prior and the new safeguards and confirmed they are extraordinarily strong. That third-party sign-off is what turned the June 30 lifting of controls into a July 1 global restoration.
As of July 1, Fable 5 is available again on the Claude Platform, Claude.ai, Claude Code, and Claude Cowork, globally. Anthropic says access through AWS, Google Cloud, and Microsoft Foundry will be re-enabled as quickly as possible, so cloud-marketplace integrations may lag the first-party surfaces by a bit.
The pricing structure has a deadline worth knowing. Pro, Max, Team, and select Enterprise plans get Fable 5 included for up to 50% of weekly usage limits through July 7, 2026. After July 7 it moves to usage credits. If you want to evaluate the model on your real workload without touching credits, this week is the window.
Mythos 5, the same underlying model with safeguards lifted for defensive cybersecurity work, was restored earlier and more narrowly: the government approved access for select US organizations on June 26, and it remains limited to vetted partners rather than general availability.
The most consequential part of the announcement may not be the restoration itself but what Anthropic is building so this does not happen again. Together with Amazon, Microsoft, Google, and other Project Glasswing partners, it is proposing an industry-wide framework for scoring how severe a claimed jailbreak actually is, judged on four criteria.
The framework proposes immediate mitigation for the most severe jailbreaks and 24/7 monitoring of jailbreak submission channels. The subtext is hard to miss: the June suspension happened because there was no shared yardstick for jailbreak severity, so a demonstration that every tested model could reproduce was treated as a national-security event. A scoring rubric agreed across vendors and government gives the next report a proportionate response path short of pulling a model off the market.
Anthropic also committed to deeper government collaboration: expanded early access to models and safeguards for designated government partners with Anthropic technical staff present during testing, rapid information sharing on jailbreaks and misuse patterns, dedicated teams and compute for joint research, and work toward a shared voluntary security standard for frontier model providers. On the public side, a new HackerOne program lets security researchers submit cyber jailbreaks they find in Fable 5.
When the suspension hit, the open question was whether recalling a deployed frontier model over a narrow bypass would become the default regulatory response. The resolution suggests not: the government tested the safeguards, accepted the evidence that the capability was commodity rather than unique, and lifted the controls within three weeks. Anthropic got its model back, and the government got standing commitments on early access, threat intelligence sharing, and joint research that did not exist before June 12.
For anyone building on frontier models, the practical lessons from the nineteen days are worth keeping. Model access can disappear overnight for reasons that have nothing to do with your usage, so a tested fallback path is part of production readiness now. And the difference between a headline-grade jailbreak and routine capability every model already has is exactly the gap the new severity framework is meant to close. Fable 5 is back; the more durable change is the machinery being built around moments like this one.