OpenAI Expands Daybreak Initiative with GPT-5.5-Cyber Model to Help Defenders Patch Software Flaws
OpenAI releases GPT-5.5-Cyber and Codex Security plugin update, launches Patch the Planet with Trail of Bits to secure open-source projects like cURL, Python, and Go.
OpenAI on Monday released an improved version of its GPT-5.5-Cyber model to trusted defenders as part of its Daybreak initiative, alongside a new partnership to help patch security flaws in open-source projects. The AI company said the model is its strongest yet for finding and helping patch software vulnerabilities.
OpenAI described GPT-5.5-Cyber as able to sustain deeper analysis across large codebases, and said the model can identify security issues, validate them in a controlled environment, and develop and test patches. The company also released an update to the Codex Security plugin to speed up the process of discovering and patching vulnerabilities in existing systems.
Patch the Planet targets open-source maintenance burden
OpenAI launched a new initiative called Patch the Planet in partnership with security firm Trail of Bits. The program aims to help secure open-source projects that are often overwhelmed by a growing backlog of verified vulnerabilities. Initial participants include cURL, NATS Server, pyca/cryptography, Sigstore, aiohttp, the Go project, freenginx, Python, and python.org.
According to OpenAI, frontier models from Anthropic and from OpenAI itself are accelerating vulnerability discovery, shifting the bottleneck from finding bugs to patching them. The company noted that AI models can navigate large codebases, reason through attack paths, and flag security issues that might otherwise have stayed hidden.
- GPT-5.5-Cyber is OpenAI's strongest model for finding and patching software vulnerabilities
- Codex Security plugin can run deep scans, generate reports with severity and remediation guidance, and generate codebase-specific patches
- Patch the Planet involves security engineers reviewing and validating findings, working with projects to develop patches and tests
- The program aims to build reusable vulnerability discovery workflows for continued security improvement
Daybreak findings reveal widespread flaws
OpenAI said the Daybreak initiative has already helped surface numerous vulnerabilities across various operating systems and web browsers. These include 32 kernel pointer information leak proofs-of-concept and 24 local privilege escalation exploits in the Linux kernel, a 23-year-old use-after-free in OpenBSD's kernel implementation of System V semaphores, 34 vulnerabilities and 7 local privilege escalation PoCs in FreeBSD, and 6 vulnerabilities in dnsmasq. The initiative also found a denial-of-service technique called HTTP/2 Bomb impacting major HTTP/2 implementations including NGINX, Apache, IIS, and Pingora, along with 5 exploitable vulnerabilities in Google Chrome's V8 JavaScript engine, 10 exploitable Apple Safari vulnerabilities, and a WebAssembly vulnerability in Mozilla Firefox.
OpenAI said Patch the Planet is designed to put the full defensive loop of discovery, validation, severity review, disclosure, patch development, testing, and deployment in service of maintainers. The AI company emphasized that frontier models can make parts of that loop faster, but the aim is to give people responsible for shared infrastructure better tools and more capacity.
The developments come as intelligence agencies from Australia, Canada, New Zealand, the U.K., and the U.S. have warned that advanced AI models can increase the speed, scale, and sophistication of cyber threats, and that organizations should assume AI-driven exploitation may bypass preventative controls and outpace vendors' capacity to publish corrective measures.
Fact check
- OpenAI released an improved version of its GPT-5.5-Cyber model on June 23, 2026. (verified)
- Patch the Planet includes participation from projects like cURL, Python, and Go. (reported)
- The Daybreak initiative found a 23-year-old use-after-free in OpenBSD's kernel implementation of System V semaphores. (verified)