OpenAI's GPT-5.5-Cyber Just Shifted From Finding Vulnerabilities to Fixing Them at Scale
OpenAI has moved beyond detecting security vulnerabilities to actively fixing them at scale. On June 22, 2026, the company released GPT-5.5-Cyber, a specialized version of its flagship GPT-5.5 model designed specifically for authorized cybersecurity work. This release marks a significant shift in how AI is being deployed in defensive security, moving from a discovery-focused approach to one that emphasizes remediation and patch development.
What Makes GPT-5.5-Cyber Different From Standard GPT-5.5?
GPT-5.5-Cyber is a fine-tuned variant of the base GPT-5.5 model, meaning it has been specially trained on security-focused tasks to develop capabilities that the standard model does not expose. The key difference lies in its lower refusal boundary for legitimate security work, allowing it to perform tasks that would normally be restricted on the general-purpose version.
The model is designed to handle advanced defensive security tasks that require deep technical analysis. These capabilities include tracing vulnerable code from entry point to root cause across large codebases, determining whether a vulnerability is actually exploitable in a specific deployment context, gathering validation evidence for human security review, developing remediation patches, and preparing structured reports compatible with existing vulnerability management systems.
Access to GPT-5.5-Cyber is deliberately restricted. OpenAI has limited availability to what the company calls "verified defenders," including vetted security vendors, government agencies, academic researchers, and enterprise security teams operating under OpenAI's Trusted Access for Cyber program. Individual users accessing the model are required to enable phishing-resistant authentication, treating the highest-capability tier more like privileged access to critical infrastructure than a consumer product.
How Does GPT-5.5-Cyber Perform on Security Benchmarks?
GPT-5.5-Cyber achieved a score of 85.6% on CyberGym, an internal OpenAI benchmark that measures whether an AI agent can reproduce known software vulnerabilities in controlled testing environments. This represents the highest single-model result on that benchmark to date, significantly outperforming the standard GPT-5.5 at 81.8%, GPT-5.4 at 79.0%, and Claude Opus 4.7 at 73.1%.
On ExploitGym, another security benchmark, the performance gap is even more pronounced. GPT-5.5-Cyber achieved 39.5% compared to 25.95% for standard GPT-5.5, a 13.5-point improvement that reflects a meaningfully deeper capability for finding real exploit paths rather than merely reproducing known vulnerability patterns.
However, it is important to understand what these benchmarks actually measure. CyberGym tests whether the model can reproduce known vulnerabilities in test environments, not whether it can discover novel zero-day vulnerabilities in production systems. The more meaningful real-world metric comes from Patch the Planet, OpenAI's structured program to fix vulnerabilities in widely used open-source projects. In an initial five-day sprint, the program surfaced hundreds of real issues across 19 open-source projects, with dozens of patches merged into production code.
What Is the Codex Security Plugin and How Does It Work?
The Codex Security plugin is the component of this launch with the broadest practical impact for developers. Unlike GPT-5.5-Cyber, which is restricted to verified defenders, any developer using Codex can now scan their codebase, a selected folder, or a specific recent commit and receive a structured vulnerability report with severity ratings, affected code locations, validation evidence, and remediation guidance.
The plugin does not simply flag issues and move on. It traces attack paths, builds threat models, validates whether a finding is real and reachable in the actual code, generates patches, and exports results in SARIF and CodeQL formats compatible with existing vulnerability management pipelines. Since the March 2026 research preview, the plugin has scanned over 30 million commits across more than 30,000 codebases. Human reviewers have manually confirmed more than 70,000 findings as fixed, and over 500,000 findings have been automatically determined to be resolved.
Critically, no code is automatically modified without human approval. The plugin proposes patches for human review, and teams can revalidate after merging to confirm the vulnerability is resolved. This human-in-the-loop requirement is deliberate and reflects the sensitivity of security work at this level.
Steps to Integrate Security Scanning Into Your Development Workflow
- Enable the Codex Security Plugin: Activate the plugin within your existing Codex development environment to gain access to automated vulnerability scanning without requiring special security clearance or verified defender status.
- Scan Your Codebase Regularly: Use the plugin to scan your entire codebase, specific folders, or recent commits to identify vulnerabilities before they reach production systems.
- Review and Validate Patches: Examine the proposed patches generated by the model, confirm they address the identified vulnerabilities, and merge them only after human review and testing.
- Export Results to Existing Tools: Integrate vulnerability reports into your existing vulnerability management systems using SARIF and CodeQL export formats for seamless workflow integration.
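As an added example (not OpenAI's or the plugin's own code), the script below consumes a SARIF 2.1.0 report, the export format named in the steps above, flattens each finding to its severity, rule, file and line, and blocks a merge while any error-level finding is still open, so the human review step stays in the loop. The sample report, tool name, rule ids, paths and messages are constructed for illustration.

```python
import json
from collections import Counter

# Constructed sample in SARIF 2.1.0 shape (not real plugin output); the tool
# name, rule ids, paths and messages are made up for illustration.
SAMPLE_SARIF = json.dumps({
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "hypothetical-scanner"}},
        "results": [
            {"ruleId": "sql-injection", "level": "error",
             "message": {"text": "User input reaches query without parameterization"},
             "locations": [{"physicalLocation": {
                 "artifactLocation": {"uri": "app/db.py"},
                 "region": {"startLine": 42}}}]},
            {"ruleId": "weak-hash", "level": "warning",
             "message": {"text": "MD5 used for password hashing"},
             "locations": [{"physicalLocation": {
                 "artifactLocation": {"uri": "app/auth.py"},
                 "region": {"startLine": 17}}}]},
            {"ruleId": "unused-import", "level": "note",
             "message": {"text": "Unused import"}, "locations": []},
        ],
    }],
})

def parse_findings(sarif_text):
    """Flatten SARIF results into (level, ruleId, file, line, message) tuples."""
    findings = []
    for run in json.loads(sarif_text).get("runs", []):
        for res in run.get("results", []):
            level = res.get("level", "warning")  # SARIF default when omitted
            loc = (res.get("locations") or [{}])[0].get("physicalLocation", {})
            uri = loc.get("artifactLocation", {}).get("uri", "<unknown>")
            line = loc.get("region", {}).get("startLine", 0)
            findings.append((level, res.get("ruleId", "?"), uri, line,
                             res.get("message", {}).get("text", "")))
    return findings

def gate(findings, block_on=("error",)):
    """Return (merge_ok, counts_by_level); merge_ok is False while a blocking-level finding is open."""
    counts = Counter(f[0] for f in findings)
    return not any(counts[lvl] for lvl in block_on), dict(counts)

if __name__ == "__main__":
    fs = parse_findings(SAMPLE_SARIF)
    for lvl, rule, uri, line, msg in fs:
        print(f"[{lvl}] {rule} {uri}:{line} {msg}")
    ok, summary = gate(fs)
    print("by level:", summary, "| merge allowed:", ok)
```

Run it in CI after the plugin's SARIF export and fail the job when the gate returns False; the patch itself is still applied only after a reviewer signs off.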
What Is Patch the Planet and Why Does It Matter?
Patch the Planet is OpenAI's structured initiative to fix vulnerabilities in critical open-source infrastructure at scale. The program represents a shift from the traditional security model where researchers discover vulnerabilities and then wait for maintainers to develop and deploy fixes. Instead, OpenAI is using GPT-5.5-Cyber to proactively identify and remediate vulnerabilities in widely used open-source projects.
The initial five-day sprint produced hundreds of real issues across 19 open-source projects, with dozens of patches successfully merged. This production-level result is arguably more meaningful than benchmark scores alone, as it demonstrates the model's ability to find and fix actual vulnerabilities in code that millions of developers depend on.
OpenAI has also launched a Cyber Partner Program with over 20 security vendors, expanding the reach of these capabilities beyond OpenAI's own infrastructure. This partnership approach suggests the company is positioning itself not as a standalone security vendor but as a foundational technology provider for the broader security ecosystem.
How Does This Fit Into the Broader AI Model Landscape?
The release of GPT-5.5-Cyber comes at a time when the AI model leaderboard is becoming increasingly specialized. While general-purpose models like GPT-5.5 and Claude continue to compete on broad benchmarks, the trend toward fine-tuned variants optimized for specific domains is accelerating.
According to Epoch AI's benchmarking database, Claude Fable 5 recently achieved a new high score of 161 on the Epoch Capabilities Index, beating GPT-5.5 Pro by 1 point and marking the first time Anthropic has taken the lead on that benchmark in over a year. This competitive dynamic suggests that the future of AI development will involve both broad capability improvements and increasingly specialized models tailored to specific use cases like cybersecurity.
Sam Altman, OpenAI's CEO, described the initiative clearly on launch day, stating that "GPT-5.5-Cyber is here. Patch the Planet and Codex Security will help solve security problems instead of just finding them." That shift from finding to fixing represents the operative principle behind this release and signals OpenAI's strategic bet that governments and security teams will trust the company with the most sensitive defensive work on the planet.