OpenAI Wants AI to Patch the Open Source Code Running the Internet

OpenAI launches Patch the Planet to find and fix open source flaws with AI and expert review. What it means for your supply chain.

Dateline: June 23, 2026

Now Comes the Hard Part: OpenAI and Trail of Bits Take Aim at Supply Chain Risk

Most companies run on open source code they did not write and rarely look at. That quiet trust is exactly what bit everyone during Log4Shell and the XZ Utils backdoor. Now OpenAI is stepping in with a program called Patch the Planet, built to find and fix those buried flaws before attackers do. The catch is that speed alone will not save you.

What Happened

On June 23, 2026, OpenAI announced Patch the Planet, a partnership with security firm Trail of Bits to hunt vulnerabilities in widely used open source projects. The setup pairs AI-driven research with human review.

AI models and a tool called Codex Security comb through code, then Trail of Bits engineers check the findings before anything reaches the people who maintain these projects. That review step matters, because it filters out false alarms and duplicate reports that would otherwise pile work on volunteer maintainers. 

The first projects on the list read like a map of the internet’s plumbing: Python, Go, cURL, Sigstore, NATS Server, aiohttp, freenginx, pyca/cryptography, and python.org. These cover software building, networking, cryptography, and supply chain tools used across countless business systems. 

Each engagement starts with a conversation with the maintainers to spot where help is needed most. From there, researchers dig into possible flaws, confirm the real ones, build or sharpen patches, support testing, and coordinate the public disclosure through each project’s normal process. 

OpenAI is also working with HackerOne and Calif on triage and disclosure as the effort grows. The early numbers are notable. OpenAI says the work has already turned up hundreds of security issues and merged dozens of patches, with more still moving through disclosure. The project has also spun out tools for fuzzing, historical CVE analysis, and differential testing.

The Impact

Here is the part security teams should sit with. A program like this only changes your risk if you treat AI-driven research as one input, not a replacement for a real supply chain plan. Forrester analyst Biswajeet Mahapatra put it plainly: the big shift is speed, since AI can find, confirm, patch, test, and document issues faster, while human reviewers cut false positives before maintainers drown.

But the need for scarce expertise does not vanish. It moves to judgment calls: deciding what is truly exploitable, whether a patch is safe, and when to disclose. There is a flip side too. When fixes land faster, attackers also learn about the underlying flaw faster, so the race to patch your own systems gets tighter. And open source cybersecurity architect Devashri Datta warned that loose, ad hoc disclosure in an AI-sped-up world is not a process gap; it is a liability.

How to Avoid This 

The takeaway is not to lean back and let OpenAI handle it. Build your own guardrails. Datta suggests a safety-relevance layer, where every AI-flagged finding passes automated checks and proof-of-concept testing before a human ever sees it. Keep a live software bill of materials so you actually know which open source pieces sit inside your stack and where they run.

Stop ranking fixes by generic CVSS scores alone and weigh each flaw against the system it touches, its business role, and how likely it is to be hit. Set clear disclosure paths ahead of time for when a flaw shows up in code you do not own. And move from patching on a calendar to reducing exposure all the time.
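What the two paragraphs above describe, matching findings against a live SBOM and ranking them by reachability, exposure and business role instead of raw CVSS, is straightforward to express as code. The script below is an added illustration and is not code from Secure.com, OpenAI or Trail of Bits; the SBOM, the findings, the finding IDs and the deployment context are all constructed, and the weighting factors are assumptions chosen to make the contrast visible, not a published standard.

```python
"""Contextual prioritisation of open source findings (added example, constructed data).

Steps mirrored from the text:
  1. only act on findings for components that are actually in the inventory (SBOM);
  2. weigh each flaw by whether the vulnerable path is reachable, whether the
     service is internet-facing, and what business role it plays;
  3. discount findings that have not yet passed a proof-of-concept gate;
  4. compare the result with a CVSS-only ordering.
"""
from typing import Dict, List, Tuple

# Constructed CycloneDX-style SBOM (minimal subset of fields; versions are illustrative).
SBOM = {
    "bomFormat": "CycloneDX",
    "components": [
        {"name": "aiohttp", "version": "3.9.0", "purl": "pkg:pypi/aiohttp@3.9.0"},
        {"name": "cryptography", "version": "42.0.0", "purl": "pkg:pypi/cryptography@42.0.0"},
        {"name": "reportlab", "version": "4.0.0", "purl": "pkg:pypi/reportlab@4.0.0"},
    ],
}

# Constructed findings as a scanner might hand them over. IDs are placeholders, not CVEs.
FINDINGS = [
    {"id": "FINDING-001", "purl": "pkg:pypi/aiohttp@3.9.0", "cvss": 7.5, "poc_verified": True},
    {"id": "FINDING-002", "purl": "pkg:pypi/reportlab@4.0.0", "cvss": 9.8, "poc_verified": False},
    {"id": "FINDING-003", "purl": "pkg:pypi/cryptography@42.0.0", "cvss": 5.3, "poc_verified": True},
    {"id": "FINDING-004", "purl": "pkg:pypi/requests@2.31.0", "cvss": 9.1, "poc_verified": True},
]

# Constructed deployment context: where each component runs and whether the
# vulnerable code path is reachable in this particular deployment.
CONTEXT: Dict[str, dict] = {
    "pkg:pypi/aiohttp@3.9.0": {"service": "public-api", "internet_facing": True,
                               "business_role": "revenue", "reachable": True},
    "pkg:pypi/reportlab@4.0.0": {"service": "batch-reports", "internet_facing": False,
                                 "business_role": "internal", "reachable": False},
    "pkg:pypi/cryptography@42.0.0": {"service": "auth", "internet_facing": True,
                                     "business_role": "identity", "reachable": True},
}


def sbom_purls(sbom: dict) -> set:
    """Package URLs present in the inventory; anything else is not ours to patch."""
    return {c["purl"] for c in sbom.get("components", [])}


def contextual_score(finding: dict, ctx: dict) -> Tuple[float, List[str]]:
    """Scale the generic CVSS score by deployment context. Weights are assumptions."""
    score = finding["cvss"] / 10.0
    reasons: List[str] = []
    if not ctx["reachable"]:
        score *= 0.2          # flaw exists in the package but not on any path we exercise
        reasons.append("vulnerable path not reachable in this deployment")
    if not finding["poc_verified"]:
        score *= 0.5          # has not passed the proof-of-concept gate yet
        reasons.append("not yet verified by proof-of-concept testing")
    if ctx["internet_facing"]:
        score *= 1.5
        reasons.append("internet-facing service")
    if ctx["business_role"] in ("revenue", "identity"):
        score *= 1.3
        reasons.append(f"critical business role: {ctx['business_role']}")
    return score, reasons


def prioritize(findings: List[dict], sbom: dict, context: Dict[str, dict]):
    """Return (ranked findings, IDs not matched to the inventory)."""
    inventory = sbom_purls(sbom)
    ranked, unmatched = [], []
    for f in findings:
        if f["purl"] not in inventory:
            unmatched.append(f["id"])   # noise until the SBOM says otherwise
            continue
        ctx = context[f["purl"]]
        score, reasons = contextual_score(f, ctx)
        ranked.append({"id": f["id"], "service": ctx["service"], "cvss": f["cvss"],
                       "score": score, "reasons": reasons})
    ranked.sort(key=lambda r: r["score"], reverse=True)
    return ranked, unmatched


def cvss_only_order(findings: List[dict]) -> List[str]:
    """The ordering a severity-only queue would produce, for comparison."""
    return [f["id"] for f in sorted(findings, key=lambda f: f["cvss"], reverse=True)]


if __name__ == "__main__":
    ranked, unmatched = prioritize(FINDINGS, SBOM, CONTEXT)
    print("CVSS-only order:  ", cvss_only_order(FINDINGS))
    print("Contextual order: ", [r["id"] for r in ranked])
    for r in ranked:
        print(f"  {r['id']} on {r['service']}: cvss={r['cvss']} score={r['score']:.2f}; "
              + "; ".join(r["reasons"]))
    print("Not in inventory: ", unmatched)
```

Run as is, the CVSS-only queue would start with the unverified, unreachable batch-report flaw, while the contextual ranking puts the reachable flaws on the internet-facing API and the auth service first and parks the finding for a package that is not in the SBOM at all. The weights should be tuned per organisation; the structure (inventory match, reachability check, context multipliers, PoC gate) is the part that carries over.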

When a Flaw Hides in Code You Did Not Write

Open source runs your business, but you cannot patch what you cannot see. Secure.com helps teams turn a pile of dependencies into a clear, ranked picture of what actually puts them at risk.

  • Keep a live inventory of the open source pieces inside your stack, not a stale spreadsheet. 
  • Rank flaws by real exposure and business impact, not just a generic severity score. 
  • Test whether a reported flaw is actually reachable in your own setup before you scramble. 
  • Spot the high risk dependencies in your supply chain before an attacker maps them first. 
  • Keep a human in the loop on the patch and disclosure calls that carry the most weight.