Claude Fable 5 banned on third day after release: what happened
Main chat
A chat for vibe coders: news, guides, live cases, marketplace, and finding executors.
On June 9, 2026, Anthropic released the Claude Fable 5, the most powerful publicly available model in the company’s history. On June 12, Friday night, the U.S. government ordered that access to this model be immediately cut off for all users worldwide. Anthropic complied within hours.
There are three days between these two dates. Discuss in order what happened, why, and what it means next.
What is Fable 5 and why was it a great release
On June 9, 2026, Anthropic released the Claude Fable 5, the first model from the new Mythos class, a level higher than the Opus class that the company admitted to general use. The model was immediately declared as state-of-the-art in almost all tested areas: software development, analytical work, vision, scientific research.
The model API identifier is claude-fable-5, the context window is 1 million tokens, up to 128,000 tokens at the output per request.
Benchmarky at launch
According to the official launch table of Anthropic, the SWE-bench Pro Fable 5 showed 80.3% - against 69.2% for Opus 4.8, 58.6% for GPT-5.5 and 54.2% for Gemini 3.1 Pro. Independent platform Vals AI recorded a result of 95.0% on SWE-bench Verified, which also exceeded the performance of competitors.
In finance and law, Fable 5 showed a serious gap: in blind pairwise comparisons Real-World Finance v2 model preferred Opus 4.8 in 74% of cases, with an Elo rating of 1374 vs 1222.
Among the client cases at the launch, Stripe reported that Fable 5 completed a 50 million-line codebase migration to Ruby in one day, versus a two-month estimate for manual work.
Where did the name "Fable" come from
Fable 5 didn’t come out of nowhere. The name "Fable" refers to the public version of the Mythos model. Mythos itself was announced in early April 2026 as the Claude Mythos Preview – and has since remained extremely restricted due to what Anthropic described as the model’s exceptional ability to find security vulnerabilities in software.
According to Anthropic, Mythos found vulnerabilities in every major operating system and browser it tested. Instead of a wide release, the company launched Project Glasswing, giving access to roughly 50 trusted organizations — including Amazon, Apple, Google, Microsoft, and CrowdStrike — for use for cybersecurity purposes.
Fable 5 was a response to obvious commercial pressure: a version of Mythos with security mechanisms blocking responses in high-risk areas — cybersecurity and biology — which, according to the company’s argument, made the model safe enough for a general release.
Deployment at launch
Fable 5 went public on June 9: Claude API, Claude Platform on AWS, Amazon Bedrock, Vertex AI, and Microsoft Foundry, plus GitHub Copilot on the same day.
For subscribers of consumer plans (Pro, Max, Team, Enterprise), the model was included at no extra charge from June 9 to June 22, after which use switched to usage credits. In Claude Code, Fable 5 was not the default model on any tariff — it had to be explicitly selected through /model fable.
Problems started immediately: too strict security filters
Already in the first days after the release, complaints began to arrive, but not about the excessive capabilities of the model, but the opposite: excessively aggressive protective filters.
The Principal Research Fellow at the Institute for Disease Modeling (part of the Global Health Division Gates Foundation) reported that the Fable 5 input security classifier silently switched the model to Opus 4.8 at almost every Claude Code session — even in a session whose only user input was the word “Hello.”.
The Claude Code repository on GitHub accumulated dozens of similar error messages: the model’s security filters triggered harmless messages, refused to help with editing the resume for the “Application Security Architect” position, blocked use for control systems not associated with research laboratories.
On social media, the immunologist and professor at the Jackson Laboratory for Genomic Medicine noted that the word “cancer” was classified by Fable 5 as a biosafety risk.
The peculiarity of the Fable 5 was that Anthropic decided to hide the triggers of protective mechanisms aimed against attempts to distill competing models. Classifiers designed to catch attempts in the field of cybersecurity, biology, chemistry and distillation, quietly switched the request to the latest Opus model, notifying the user after the fact.
On June 10, in response to criticism, an Anthropic spokesperson acknowledged that the company had made security mechanisms too strict, and announced changes: From this week, requests that fall under the filters for developing front-end LLMs will apparently switch to Opus 4.8, and in the API, any blocked request will return the reason for the refusal.
Claimed jailbreak protection
Anthropic claimed a serious level of security checks: external bug bounty testing recorded more than 1,000 hours of attempts against Fable 5 classifiers without detecting a universal jailbreak - although in the announcement itself the company acknowledged that the UK AI Security Institute had moved towards such a jailbreak in the initial stages of testing.
Anthropic explicitly articulated this as a conscious startup risk: every security mechanism used in the industry is vulnerable to non-universal jailbreaks capable of extracting some cyber information in specific circumstances, and universal jailbreaks are likely to be found in the future. Given that perfect jailbreak protection isn’t possible today, Anthropic has adopted a defense in depth strategy – aiming to make jailbreaks either narrow or very expensive to produce, combined with monitoring to quickly detect and block successful attacks.
This wording from the release announcement will become central just three days later.
June 12: U.S. government directive
On the evening of Friday, June 12, 2026, at 17:21 U.S. East Coast time, Anthropic received an export control directive from the government ordering the immediate suspension of all access to Fable 5 and Mythos 5 for any foreign national, both inside and outside the United States, including foreign employees of Anthropic itself.
The formal wording restricted access for foreign nationals. But the actual effect of the directive forced the company to completely disable both models for all customers around the world to ensure compliance. Access to all other Anthropic models is not affected.
This is the first publicly known case where a major AI company has been forced by the federal government to remove an already deployed model from public access.
What it looked like for users
On Claude’s page, the message read “Fable 5 is temporarily unavailable.” Claude’s official X account explained to users that all Claude products will run new sessions on the default model or Opus 4.8, and existing sessions on Fable 5 will end with an error.
Letter from Commerce Secretary
According to Axios, the directive was framed as a letter from U.S. Commerce Secretary Howard Latnick to Anthropic CEO Dario Amodei, which stated that the Mythos 5 and Fable 5 models would be subject to export controls for any locations outside the United States and for all foreign persons in the country.
An administration source told Axios that the Commerce Department made the decision after another company said it was able to jailbreak Mythos, alarming the administration about possible national security risks.
According to the same source, the Trump administration has previously tried to stop the release of the model, but failed to achieve this.
What exactly was discovered: Anthropic position
In a statement, Anthropic detailed what it believes is at the heart of the government directive. The letter did not contain specific details of national security concerns. According to the company’s own assessment, the government became aware of the method of bypassing protection, or jailbreaking Fable 5.
Anthropic said it had considered a demonstration of this particular technique used to identify a small number of previously known, minor vulnerabilities. All of these vulnerabilities seemed relatively simple, and other publicly available models are also able to detect them, according to the company.
In an update published via 9to5Mac, Anthropic went further: the company said it planned to share more information within the next 24 hours, but already believes the government directive is based on a narrow, non-universal jailbreak taking advantage of capabilities already available in other models, including OpenAI's GPT-5.5.
Anthropic apologized to customers for the disruption, said it believed the government's actions were based on misunderstandings, and vowed to work to restore access as soon as possible.
Reaction and broader context
The decision caused a noticeable reaction in the industry for several reasons.
**Unprecedented. This is the first known case of direct intervention by the U.S. federal government into an already published and working commercial AI model on such a scale – a shutdown not a point-by-point, but a complete one, worldwide, for all users.
Anthropic has long publicly emphasized the risks of its most powerful models and deliberately limited their distribution - it was this caution that ultimately worked against it, giving the government reason to intervene.
** Supply chain risk.** Reportedly, after negotiations between Anthropic and the Department of Defense failed to produce a result, the Department of Defense designated Anthropic as a supply chain risk - a formulation historically reserved for foreign adversaries.
Disagreement with the rationale. Anthropic, while continuing to implement the directive, publicly objected to the government's interpretation, pointing out that the vulnerabilities found were minor, known and reproducible on competitor models.
What does it mean for users and developers right now
If you’ve used Fable 5 through APIs, Claude Code, Bedrock, Vertex AI, or Microsoft Foundry, the claude-fable-5 model isn’t available right now. Active sessions end with an error, new requests are automatically served by Opus 4.8 or the default model.
Mythos 5, available only to a narrow range of organizations under Project Glasswing, is also disabled for everyone — including those 50 trusted partners who previously had access for cybersecurity protection tasks.
Access to the Claude Opus 4.8, Sonnet and the rest of the Anthropic lineup is not affected by the directive - this is clearly emphasized in all statements of the company.
At the time of writing, it is not known how long the shutdown will last and whether it will result in permanent model changes, access requirements, or further regulatory action. Anthropic said it would work to restore access, but did not give a specific timeline.
Chronology of events
Starting April 2026: Claude Mythos Preview Launches Project Glasswing
(~50 organizations for cybersecurity)
June 9, 2026 – Claude Fable 5 (Mythos class, public version)
Simultaneous launch on 5 platforms + GitHub Copilot
9-10 June 2026 – Mass reports of false positives
filters for harmless requests
June 10, 2026 – Anthropic admits that filters are too strict.
Announce visible fallback notifications
June 12, ~17:21 ET — Anthropic receives a US Department of Commerce directive
Export control for Fable 5 and Mythos 5
June 12 - Anthropic shuts down both models for all users
worldwide, publishes an official statementOutcome
The history of the Fable 5 fits into three days: from the release of the most powerful public model in the history of the company to a complete shutdown at the request of the US government. The formal basis is export control for foreign nationals, the actual effect is disconnection for all.
According to Anthropic, the directive is based on a jailbreak demonstration, which revealed several minor and already known vulnerabilities - replicable, according to the company, and on competitors' models. The government reportedly acted on a third-party report that Mythos could be circumvented.
Regardless of how this particular case is resolved, the event set a precedent: the U.S. government is willing to unilaterally and expeditiously shut down deployed commercial AI models for national security reasons — even when the company itself publicly disagrees with the basis for such a decision.
