OpenAI's Patch the Planet Bets the Bottleneck Is Patching, Not Finding
The conventional framing for AI in cybersecurity goes like this: AI finds bugs, humans fix them, everyone is safer. That story stopped being true a while ago. OpenAI is now saying so out loud. On June 22, OpenAI expanded its Daybreak cybersecurity program with a full release of GPT-5.5-Cyber, a new Codex Security plugin, and something called Patch the Planet: a program co-founded with Trail of Bits and HackerOne to move AI-discovered vulnerabilities all the way through to merged patches in real open-source projects. The thesis, stated plainly in OpenAI's announcement: AI models now find vulnerabilities faster than defenders can fix them. The bottleneck has shifted. The scarce resource is no longer discovery. It's repair.

That shift has a specific shape you can see in the numbers. GPT-5.5-Cyber scored 85.6% on CyberGym, compared to 81.8% for the base GPT-5.5. On ExploitGym it reached 39.5% against 25.95% for its predecessor. Those gaps are meaningful, but they're also the least interesting part of the announcement. What actually matters is what happened before the press release.

Trail of Bits put its entire security research organization on a five-day sprint using Codex and GPT-5.5-Cyber across 19 open-source projects. Hundreds of issues surfaced. Dozens of patches merged. The model scanned more than 30 million lines of the Linux kernel, flagged security-relevant components, and generated 8 kernel pointer information-leak proof-of-concepts and 24 local privilege escalation exploits. It found a 23-year-old use-after-free flaw in OpenBSD's kernel that could let an unprivileged local user escalate to root. On Firefox, GPT-5.5 found a WebAssembly vulnerability that Mozilla patched two days before Pwn2Own Berlin. Five of the six registered Firefox entries at that competition withdrew. No Firefox exploit was successfully demonstrated.
Trail of Bits estimates that building the same fuzzing lab it assembled with Codex in under a day would ordinarily take several weeks manually. That compression is the thing.

Now here is what I keep coming back to. The reason AI security announcements usually feel hollow is that they stop at the finding. A model generates a report, the report enters a ticket system, the ticket sits. Most open-source maintainers are one or two people with day jobs. A CVE in their backlog competes with rent. Patch the Planet's structure tries to address this directly: Trail of Bits engineers sit inside projects, validate findings, filter false positives, write patches, coordinate disclosure, and only then hand off to maintainers. The AI is doing discovery. Humans are doing judgment and trust-building. Credit goes in the right order.

There are real risks in this. Automated patch generation can fix one vulnerability and quietly introduce another. Every security engineer who has rubber-stamped a code review at 4pm knows how quickly "human oversight" collapses under volume. OpenAI's own language acknowledges this: the goal is to support maintainers, not to sideline them. But as more projects commit, and as Codex Security scans scale beyond the 30 million commits it has already reviewed, the question of whether human review stays real or becomes a checkbox will matter enormously.

More than 30 open-source projects have committed to Patch the Planet, including cURL, Go, Python, Sigstore, and pyca/cryptography. These are not toy codebases. They are the plumbing that runs under almost everything.

The Daybreak partner program is the other piece. Security vendors including Akamai, Cisco, Cloudflare, CrowdStrike, Fortinet, and Palo Alto Networks can embed GPT-5.5 with Trusted Access for Cyber inside their own products. If that works as intended, OpenAI becomes infrastructure for the enterprise security stack at exactly the moment when AI is compressing the window between vulnerability discovery and active exploitation. The honest test isn't the sprint. It's whether Trail of Bits is still there in six months, and whether the patches hold.
Source: this story was reported on Dev.to.


