OpenAI launches Aardvark, an autonomous AI security researcher
Aardvark enters private beta as an agentic system built on GPT-5 that autonomously discovers, validates, and patches software vulnerabilities across modern codebases.
Georg S. Kuklick
October 30, 2025
OpenAI has introduced Aardvark, an AI agent designed to act as an autonomous security researcher. Powered by GPT-5, Aardvark continuously scans source code repositories to identify, validate, and help fix vulnerabilities. The system is now in private beta and aims to address the increasing scale and complexity of software security challenges across enterprise and open-source environments.
Unlike traditional methods such as fuzzing or software composition analysis, Aardvark uses large language model reasoning and tool-based exploration to read, analyze, and test code as a human security expert would. It monitors commits and repository changes, detects potential exploits, validates them in sandboxed environments, and generates targeted patches using OpenAI Codex. Each proposed fix is reviewed by humans before integration through standard GitHub workflows.
OpenAI reports that Aardvark identified 92% of known and synthetic vulnerabilities during benchmark testing. In internal deployments, the agent has surfaced complex issues within OpenAI’s own systems and those of external partners. Beyond security vulnerabilities, Aardvark has also detected logic and privacy flaws, highlighting its potential for broader software quality assurance.
As part of its open-source commitment, OpenAI disclosed that Aardvark has found and responsibly reported multiple vulnerabilities in public projects, ten of which have been assigned official CVE identifiers. The company plans to provide free scanning to select non-commercial open-source repositories and has updated its coordinated disclosure policy to prioritize collaboration over rigid timelines.
With software underpinning nearly every industry and over 40,000 CVEs reported in 2024 alone, OpenAI positions Aardvark as a defender-first model that strengthens code security without slowing development. The company is inviting select organizations to join the private beta to further refine the system’s accuracy, validation, and usability before wider release.