VYPR
Research · Published Jun 29, 2026 · 1 source

China's Zhipu AI Model Challenges US Export Controls with Advanced Vulnerability Detection

China's open-weight GLM-5.2 AI model matches Anthropic's Claude Mythos in detecting specific software vulnerabilities at a fraction of the cost, raising concerns about US export controls.

China's Zhipu AI has released GLM-5.2, an open-weight large language model that is reportedly achieving performance parity with Anthropic's restricted Claude Mythos in identifying Insecure Direct Object Reference (IDOR) vulnerabilities. This development, detailed in a recent cybersecurity news report, directly challenges the effectiveness of U.S. AI export control strategies, as GLM-5.2 is freely accessible worldwide.

Released on June 13, 2026, under a permissive open-weight license, GLM-5.2 can be downloaded and operated by anyone on standard consumer hardware. While it may not match frontier models on general-purpose benchmarks, its specialized capability in vulnerability detection has garnered significant attention. Independent testing by Semgrep indicated that GLM-5.2 achieved an F1 score of 39% for IDOR detection, surpassing Claude Code's performance of 32-37% on identical tasks. Furthermore, the cost per vulnerability identified by GLM-5.2 is estimated at approximately $0.17, a mere one-sixth of the cost associated with Claude-based workflows.

These findings were further corroborated by additional benchmarks from Graphistry, highlighting that a publicly available Chinese AI model can now compete with leading U.S. AI systems in specific cybersecurity domains. The comparison table shows GLM-5.2 ahead on IDOR detection F1 score and cost-effectiveness and behind on general-purpose benchmarks, and contrasts its open-weight, permissive license with Claude Mythos's restricted, proprietary nature.

The U.S. government has previously classified advanced AI models like Mythos and Fable as critical national security assets, particularly due to their potential to autonomously discover software vulnerabilities that could be weaponized. Export controls were implemented to prevent adversaries from acquiring such capabilities. The emergence of GLM-5.2, however, undermines the premise that restricting access to these powerful models would prevent the development of equivalent offensive cyber tools by other nations.

Anthropic's own Project Glasswing previously demonstrated the potent capabilities of AI in vulnerability research, reporting the discovery of over 10,000 critical vulnerabilities. GLM-5.2's performance suggests that advanced vulnerability detection, and potentially exploitation, capabilities are no longer exclusive to U.S. entities. This comes at a time when OpenAI has also cited misuse concerns for limiting access to its GPT-5.6 model, underscoring a broader trend of U.S. efforts to control access to powerful AI technologies.

Security researchers are warning that open-weight models achieving frontier-level performance on specialized tasks like bug finding significantly shorten the development cycle for both defensive and offensive cyber operations. The global accessibility of GLM-5.2 means these advanced capabilities are now readily available to threat actors worldwide, irrespective of U.S. regulatory measures.

The advancement of GLM-5.2 signifies substantial progress by China in specialized, high-stakes AI applications. This development necessitates a critical re-evaluation of whether current strategies, focusing on hardware restrictions and model access controls, are sufficient to maintain Western dominance in AI-driven cybersecurity tools. The landscape of AI-powered cybersecurity is rapidly evolving, with open-source models increasingly closing the gap with proprietary systems.

Synthesized by Vypr AI