OpenAI launches open-source bug-fixing initiative
What's the story
In a major move, OpenAI has announced its "Patch the Planet" initiative, a global effort to improve the security of open-source software. The project is being launched in partnership with leading research-focused security firm Trail of Bits and vulnerability management companies HackerOne and Calif. The announcement comes as fears about AI hacking capabilities continue to grow.
Project details
Initiative to offer free security consulting services to open-source maintainers
The Patch the Planet initiative will offer free security consulting services to open-source maintainers. The goal is not just to help them find and patch vulnerabilities, but also to strengthen their code bases and integrate AI security tools into their development process. The project hopes to provide personalized support for as many open-source projects as possible, improving both current security, and long-term resilience in a sustainable manner.
Developer challenges
Backlog of bug reports for open-source developers
Open-source developers, who are usually volunteers maintaining critical software with limited resources, have been struggling to keep up with bug reports. The rise of AI vulnerability hunting in recent months has made this backlog feel insurmountable for many maintainers. OpenAI's cyber tech lead Fouad Matin said that "what we've effectively done is make it as efficient from a token perspective as possible to reduce the burden for maintainers—code base assessments, validating potential reports, creating patches, and landing them."
Project participation
Over 30 projects have already joined the initiative
More than 30 open-source projects have already joined the Patch the Planet initiative, with more to follow. Trail of Bits recently held a five-day opening sprint for this project, with 25 engineers working on collaborations with various maintainers. OpenAI and Trail of Bits say that the project has already discovered hundreds of bugs and created dozens of patches in its first week.
Model performance
OpenAI's GPT-5.5-Cyber scores high on CyberGym benchmark assessment
OpenAI's latest cybersecurity-focused model, GPT-5.5-Cyber, has scored an impressive 85.6% on the CyberGym benchmark assessment. This is a significant improvement from its predecessor and even beats Anthropic's Mythos 5, which scored 83.8%. The announcement comes as both companies prepare for IPOs amid ongoing competition in the AI cybersecurity space.