OpenAI released its three versions on Friday GPT-5.6called Sol, Terra and LunaAs a limited preview for certain companies as part of ongoing engagement with the US government.
While the Soul is the latest flagship model and the most powerful, the Terra strikes a balance between efficiency and power, and the Luna is just right for speed and affordability.
OpenAI said, “GPT‑5.6 Sol launches with our strongest security stack yet. We’ve strengthened protections for high-risk activity, sensitive cyber requests, and repeated abuse, and have spent weeks locating vulnerabilities, stress-testing our systems, and hardening it against real-world attacks.”
This model has also been called “the most capable model yet” for cybersecurity, making it more suitable for vulnerability research and exploitation. OpenAI notes that on Exploitbench, GPT‑5.6 Sol is competitive with the Anthropic Mythos preview using only one-third the output tokens.
It says the goal is to enable access to legitimate tasks such as code review, vulnerability research, patch development, debugging, security education and defensive testing, while also implementing stronger guardrails that prevent offensive activity and faster fixes to newly discovered jailbreaks. This includes adversarial attempts to jailbreak the model and its refusal to describe it as “prohibited cyber assistance”.
“As these capabilities advance, our priority is to ensure they reach and benefit defenders, who can use these tools to find vulnerabilities, develop patches, and strengthen systems more broadly,” the artificial intelligence (AI) company explained.
That said, OpenAI is also warning that there may be scenarios during the preview phase where users may encounter security measures that block or deny legitimate requests, or have their requests held for additional review due to the “dual-use” nature of the technology.
According to OpenAI’s GPT-5.6 preview system card, although the model is more efficient at finding vulnerabilities in code and developing exploits, the capabilities do not extend to carrying out autonomous, end-to-end attacks against hardened targets or weaponizing those cyber vulnerabilities in actual attacks.
“Separate evaluations examined misbehavior in agentic coding tasks and found that GPT-5.6 shows a greater propensity than GPT-5.5 to go beyond user intent, including performing or attempting actions the user did not ask for, although completion rates remain low,” it reported.
Evaluation of GPT-5.6 Sol against widely deployed hardened software projects using VulnLMP, OpenAI’s internal framework designed to test end-to-end exploit chain development against real-world targets, has found the model to produce reliable memory protection leads, some of which may lead to disclosure, mutation, or control flow corruption.
“This shows that when models are combined with the use of tools, build systems, and verification infrastructure, large parts of real-world vulnerability research are becoming increasingly automated,” the tech upstart said.
OpenAI intends to make GPT‑5.6 Sol, Terra, and Luna generally available in the coming weeks, and it previewed the model capabilities to the US government. It is also launching a limited preview for a small group of trusted partners whose participation has been approved by the government before the wider launch.
Earlier this month, US President Donald Trump signed an executive order on AI and cybersecurity, calling for the creation of a framework that gives the federal government the ability to evaluate the capabilities of AI models and determine which ones qualify as “covered frontier models,” a designation for AI systems with advanced cybersecurity capabilities.
This sequential release comes days after the company released an upgraded version of its GPT‑5.5‑cyber model to trusted defenders as part of the Daybreak initiative and launched a new project called Patch the Planet in collaboration with Trail of Bits to help secure open-source projects.
It also follows the US government’s decision to allow Anthropic to release its Mythos AI model to a group of approximately 100 trusted companies and federal government agencies that “operate and defend critical infrastructure,” more than two weeks after the powerful cybersecurity-focused model was removed from the market.
“We are quickly restoring access for these organizations, and we are continuing to work with the government to expand access to Mythos 5 and make Fable 5 available for general use again,” Anthropic said in a statement posted on Twitter.
