OpenAI Patch the Planet: AI Is Fixing Your Open-Source Stack OpenAI launched Patch the Planet on June 22, 2026, deploying AI agents to audit and patch open-source software, finding hundreds of vulnerabilities in the first week including four dnsmasq CVEs, a 23-year-old OpenBSD kernel exploit, and 34 FreeBSD vulnerabilities with 37 patches already merged. The initiative partners with Trail of Bits, HackerOne, and Calif to complete the full defensive loop from discovery to coordinated disclosure, affecting projects like curl, Go, Python, and Sigstore. OpenAI just deployed AI agents to systematically audit and patch the open-source software your production stack depends on. In the first week, Codex Security and GPT-5.5-Cyber flagged hundreds of vulnerabilities across curl, Python, Go, and 16 other critical projects — identifying four dnsmasq CVEs, a 23-year-old OpenBSD kernel exploit, and 34 FreeBSD vulnerabilities. Thirty-seven patches are already merged. The rest are under coordinated disclosure. This is not a side project. This is a structural bet on AI-assisted security becoming shared infrastructure. What Patch the Planet Is Launched June 22, 2026, Patch the Planet is part of OpenAI’s Daybreak security initiative https://openai.com/index/daybreak-securing-the-world/ . The partners are Trail of Bits execution , HackerOne coordination , and Calif research . The critical distinction from other AI security tools: this is not just a bug scanner. It completes the full defensive loop — discovery, validation, severity review, patch development, testing, and coordinated disclosure through each project’s established channels. Participating projects receive ChatGPT Pro access, conditional access to Codex Security, and API credits. More than 30 projects have committed. The initial nine active: curl, Go, Python, Sigstore, pyca/cryptography, NATS Server, aiohttp, freenginx, and python.org . If your stack touches any of these, this affects you directly. What Was Already Found The scope of Week 1 results is striking. Trail of Bits logged 64 pull requests, 51 filed issues, and 37 merged patches across 19 projects. Here is what is confirmed public: dnsmasq — Codex Security independently identified four of the six CVEs fixed in dnsmasq 2.92rel2. The worst is CVE-2026-4892 CVSS 8.4 : a heap out-of-bounds write in DHCPv6 handling that lets a local attacker execute code as root. The others include a remote DoS via malformed DNSSEC packets CVE-2026-4890, CVSS 7.5 , a memory-leaking heap read CVE-2026-4891, CVSS 5.3 , and a buffer overflow crashing dnsmasq CVE-2026-5172, CVSS 7.5 . If you run dnsmasq on any network infrastructure, upgrade to 2.92rel2 https://www.helpnetsecurity.com/2026/05/12/dnsmasq-vulnerabilities-cve/ now. OpenBSD kernel — GPT-5.5-Cyber found a 23-year-old use-after-free in System V semaphore handling. Confirmed exploitable: an unprivileged local user can escalate to root. Patched. FreeBSD — 34 confirmed vulnerabilities, 7 local privilege escalation PoCs. Under coordinated disclosure. Linux kernel — 8 kernel pointer leak PoCs and 24 local privilege escalation PoCs. Under coordinated disclosure. Expect advisories. How Codex Security Actually Works The mechanism is what separates this from traditional SAST tooling. GPT-5.5-Cyber scans a codebase, traces attack paths, and validates exploitability in a controlled sandbox. The output goes through a deduplication and false-positive filtering pipeline before human review. Trail of Bits engineers then reproduce findings, reassess severity, and submit only confirmed vulnerabilities to maintainers alongside validated patches. One technique worth noting: variant analysis. The models use prior CVE patterns as search templates applied across codebases — this is how a four-year-old DNSSEC bug pattern found four separate dnsmasq issues in one pass. Trail of Bits described https://blog.trailofbits.com/2026/06/22/introducing-patch-the-planet/ the process as compressing weeks of security audit work into days. That claim is credible given the Week 1 numbers. What Developers Should Do Right Now Several concrete actions, in order of urgency: Upgrade dnsmasq to 2.92rel2 — CVSS 8.4 root execution vector is reason enough. Any router, container, or VM running an older version is exposed. Subscribe to security advisories for curl, Go, Python, and Sigstore — active audits mean more patches are coming under disclosure right now. If you use pyca/cryptography or aiohttp , pin versions and watch changelogs weekly. These are direct participants with active scanning underway. Audit your supply chain signing tooling — Sigstore participation means the tools you use to verify package integrity are being actively audited. Watch for patch releases. If you want to run Codex Security on your own codebase, it is available now via ChatGPT Pro https://openai.com/index/patch-the-planet/ , with the same discovery and patch-generation workflow used on participating projects. The Bigger Picture The honest take: this is the most significant investment in open-source security infrastructure since HackerOne launched coordinated disclosure at scale. The approach is correct — human-validated patches through established channels preserves maintainer trust and avoids the noise problem that kills most automated security tools. The open question is durability. Patch the Planet is currently a funded initiative, not a self-sustaining service. If it does not become permanent infrastructure — with ongoing scanning and disclosure cycles — it will have been a useful sprint rather than a structural fix. The open-source security problem is not solved by finding bugs in a month; it is solved by finding bugs every month. Watch the coordinated disclosure queue https://thehackernews.com/2026/06/openai-expands-daybreak-with-gpt-55.html over the coming weeks. The advisories trickling out of this initiative will be worth reading carefully.