Research
ExploitGym: Benchmark Shows Claude Mythos and GPT-5.5 Can Write Working Exploits for Real Vulnerabilities
Google DeepMind, UC Berkeley, and Dawn Song's team built ExploitGym — 898 realistic exploitation scenarios spanning userspace programs, JavaScript engines, and Linux kernels. Claude Mythos Preview produced 157 working exploits; GPT-5.5 produced 120. Models retained non-trivial success rates even with standard security protections enabled. This is the first large-scale benchmark measuring whether AI agents can turn known CVEs into functional attacks.
Source
↳ Follow the thread