ExploitGym: Berkeley RDI + Anthropic + OpenAI + Google Benchmark Shows AI Agents Can Exploit 157 of 898 Real-World Vulnerabilities
ExploitGym (arXiv:2605.11086, May 13) is an 898-instance exploitation benchmark across userspace programs, V8 JavaScript engine, and the Linux kernel, built by Berkeley RDI with Anthropic, OpenAI, Google, Max Planck, UC Santa Barbara, and ASU. Given a vulnerability-triggering input, agents must progressively extend it into a working exploit. Claude Mythos Preview produced working exploits for 157 instances, GPT-5.5 for 120. All configurations run in reproducible containerized environments. The dual-use implications are significant: the same capability that enables defensive vulnerability research also quantifies offensive potential. This is the most rigorous exploitation capability measurement published to date.
↳ Follow the thread