Open-Weight GLM-5.2 Matches Restricted Claude Mythos in Cyber

On June 16, 2026, Beijing-based Zhipu AI released GLM-5.2 under an MIT license. The launch delivered an open-weight model that independent researchers confirm matches the cyber-offensive capabilities of Anthropic’s highly restricted models. As detailed in the GLM-5.2 release coverage, the system provides frontier-level vulnerability discovery without the vendor oversight applied to its U.S. counterparts. For security engineering teams, this alters the baseline of what can be automated locally.

Architecture and Efficiency

GLM-5.2 is a sparse Mixture-of-Experts (MoE) model containing between 744 billion and 753 billion total parameters. During inference, it activates approximately 40 billion parameters per token. The model ships with a 1-million-token context window designed to ingest entire code repositories for long-horizon engineering tasks.

To manage the compute requirements of maximum context lengths, Zhipu AI implemented a new IndexShare sparse-attention technique. This approach reuses the same indexer across every four sparse attention layers, reducing per-token FLOPs by 2.9x. The model also exposes selectable reasoning modes, including High and Max settings, allowing developers to balance execution latency against algorithmic rigor.

Security Benchmarks and Costs

The model’s specialized performance in software vulnerability detection rivals Anthropic’s Claude Mythos 5. In testing conducted by the security firm Semgrep, GLM-5.2 achieved a 39% F1 score in detecting Insecure Direct Object Reference (IDOR) vulnerabilities. This outperformed both Claude Code and Claude Opus 4.8.

Beyond raw detection rates, the open-weight release alters the unit economics of automated bug discovery. Semgrep workflows utilizing GLM-5.2 identified vulnerabilities at approximately $0.17 per bug, compared to $1.00 or more when using equivalent Anthropic models via API.

Model	SWE-bench Pro Score	IDOR F1 Score	Discovery Cost
GLM-5.2	62.1	39%	$0.17
GPT-5.5	58.6	Not Specified	Not Specified
Claude Code	Not Specified	32-37%	~$1.00+

In addition to the SWE-bench Pro results shown above, GLM-5.2 landed within 1% of Claude Opus 4.8 on the FrontierSWE benchmark. While GPT-5.5 retains an edge in general-purpose reasoning, GLM-5.2 matches or exceeds U.S. proprietary models in specialized coding and security domains.

Distillation and Distribution

The MIT-licensed release arrived just days after a directive from the U.S. Department of Commerce ordered Anthropic to suspend global access to Claude Mythos 5 and Claude Fable 5 over national security concerns. While U.S. frontier models are gated behind APIs and vetted partner programs, GLM-5.2 allows users to download the weights and strip away safety guardrails entirely.

Researchers from Graphistry attribute the model’s high domain performance to output distillation, citing statistical patterns in GLM-5.2 that align with outputs from Claude Opus 4.8 and GPT-5.5. The local execution capability has already spurred new tooling, including Tulongfeng, a specialized bug-finding utility released by 360 Security Technology that claims parity with Mythos capabilities.

If you build automated red-teaming or vulnerability scanning pipelines, you now have access to frontier-level defect detection without API oversight or volume restrictions. Plan your security infrastructure assuming threat actors possess the same continuous, unmetered access to advanced zero-day discovery tools.