“`html
Zhipu AI’s open-weight GLM-5.2 model is said to be performing comparably to Anthropic’s constrained Claude Mythos in certain cybersecurity and software vulnerability detection tasks, a progression that is heightening apprehensions within the U.S. government regarding the efficacy of its AI export control strategy.
Zhipu AI (Z.ai) launched GLM-5.2 on June 13, 2026, under a flexible open-weight license, allowing any researcher or developer to download and operate the model on standard consumer-grade hardware. In contrast to Anthropic’s Mythos, which is subjected to U.S. export regulations, GLM-5.2 is openly accessible globally.
Although the model still lags behind Anthropic and OpenAI systems on broad general-purpose benchmarks, its specific performance in vulnerability detection has garnered the attention of the security community.
Independent evaluations by Semgrep positioned GLM-5.2’s IDOR (Insecure Direct Object Reference) vulnerability detection at an F1 score of 39%, surpassing Claude Code’s 32–37% on identical assessment tasks.
Significantly, the model achieved these outcomes at roughly $0.17 per vulnerability discovered, about one-sixth the expense of similar Claude-based workflows. Additional benchmarks from Graphistry further validated this finding, showing that a freely downloadable Chinese open-weight model can compete with U.S. frontier AI in certain security sectors.
| Metric | GLM-5.2 (Zhipu AI) | Claude Mythos (Anthropic) |
|---|---|---|
| IDOR Detection F1 Score | 39% | ~32–37% |
| Cost Per Vulnerability Found | ~$0.17 | ~$1.00+ |
| Access Model | Open-weight (public) | Restricted / export-controlled |
| General-Purpose Benchmark Rank | Trails U.S. models | Frontier-tier |
| License | Permissive | Proprietary |
The Trump administration has regarded advanced AI models such as Mythos and Fable as significant national security resources, referencing their capacity to autonomously identify software vulnerabilities as potential enablers of cyber warfare.
U.S. export regulations have halted access to these models for foreign entities, including Chinese researchers, specifically due to concerns regarding cyber risks. The launch of GLM-5.2 challenges the fundamental assumption behind these restrictions, which posits that preventing access to frontier models would hinder adversaries from developing comparable offensive cyber capabilities.
Anthropic’s own Project Glasswing, which utilized Claude Mythos to reveal over 10,000 critical vulnerabilities in its initial report, had previously demonstrated just how potent these models can be in vulnerability research scenarios. GLM-5.2 now raises the possibility that similar capabilities are no longer solely in U.S. possession.
This development comes as OpenAI unveiled GPT-5.6 with limited availability due to comparable misuse concerns, highlighting a broader U.S. initiative to restrict powerful AI behind access limitations.
Security researchers caution that open-weight models reaching frontier-level performance in specialized tasks like bug detection significantly shorten the timeline for both defensive automation and potential offensive exploitation. GLM-5.2’s public availability indicates that these capabilities are already within reach of threat actors globally, regardless of U.S. regulatory approval.
The emergence of GLM-5.2 indicates that China has made tangible advancements in specialized, high-stakes AI fields, necessitating a critical reassessment of whether hardware restrictions and model access controls alone can maintain Western superiority in AI-driven cybersecurity tools.
“`