AI & Singularity

OpenAI Codex Security Finds 11,000+ Bugs in First Month

OpenAI’s new Codex Security tool has identified over 11,000 high-impact security vulnerabilities in its first month of testing, the company announced today. The AI-powered security scanner found 792 critical vulnerabilities and 10,561 high-severity issues across 1.2 million code commits.

AI vulnerability scanner finds real bugs in production code.

The Scale

The tool scanned external repositories including major open-source projects like OpenSSH, GnuTLS, PHP, and Chromium. Fourteen CVEs have already been assigned from the findings.

Codex Security is now available in research preview for ChatGPT Pro, Enterprise, Business, and Edu customers, with a 30-day free trial. Early access partner Netgear praised the results for identifying vulnerabilities that traditional tools missed.

Why It Matters

This is AI doing tangible security work at scale ” — not just chat, but actually finding real bugs in production code. The tool builds on an earlier internal project code-named “Aardvark” and represents a practical application of AI reasoning capabilities.

For enterprise adoption, this demonstrates AI’s value beyond content generation: security auditing, code review, and vulnerability detection are all areas where AI can augment human expertise.

Background

The tool is part of OpenAI’s broader push into enterprise applications, following the Pentagon deal controversy. While that deal drew criticism for military applications, Codex Security shows the company’s continued focus on practical business tools.

Source: CSO Online, OpenAI announcement