OpenAI has unveiled GPT-5.2-Codex, a cutting-edge model optimized for agentic coding and enhanced cybersecurity tasks. The release highlights breakthroughs in handling complex software engineering and vulnerability detection.
GPT-5.2-Codex tops SWE-Bench Pro with 56.4% accuracy, outperforming GPT-5.2 at 55.6% and GPT-5.1 at 50.8%. On Terminal-Bench 2.0, it scores 64.0%, surpassing prior versions like GPT-5.2’s 62.2%. These gains stem from improved long-context handling, tool use, and native compaction for extended coding sessions.
| Benchmark | GPT-5.2-Codex | GPT-5.2 | GPT-5.1-Codex-Max |
|---|---|---|---|
| SWE-Bench Pro | 56.4% | 55.6% | 50.8% |
| Terminal-Bench 2.0 | 64.0% | 62.2% | 58.1% |
The model excels in professional Capture-the-Flag challenges, showing sharp capability jumps over predecessors. It supports fuzzing, test environment setup, and attack surface analysis, accelerating defensive workflows. OpenAI notes stronger safeguards despite dual-use risks, staying below “High” cyber capability per its Preparedness Framework.
A researcher using GPT-5.1-Codex-Max uncovered flaws in React Server Components while probing CVE-2025-55182, a critical RCE (CVSS 10.0) fixed December 3, OpenAI noted.
This led to CVE-2025-55183 (source code exposure, CVSS 5.3), CVE-2025-55184, and CVE-2025-67779 (DoS, CVSS 7.5), disclosed December 11. The process involved iterative prompting, local setups, and fuzzing, as diagrammed in shared visuals.
GPT-5.2-Codex is now available to paid ChatGPT Codex users, with API access coming soon. An invite-only pilot targets validated cybersecurity professionals for defensive tasks such as red-teaming. OpenAI pairs advances with model safeguards and community collaboration to curb misuse.
This evolution equips developers and defenders against rising threats in codebases and infrastructure. React patches urge upgrades to versions like 19.0.3+.
AI-Powered ISO 27001, SOC 2, NIST, NIS 2, and GDPR Compliance Checklist => Start for Free
