Benchmarks

We measure OpenHack on real exploitation.

The right way to evaluate a security agent is to see whether it can actually find and exploit vulnerabilities end-to-end. Below are OpenHack's results on CVE-Bench — the leading agentic exploitation benchmark — plus how the harness compares to the previous generation of static analysis.

CVE-Bench

Neck-and-neck with the frontier on 40 critical web CVEs.

CVE-Bench (UIUC Kang Lab) gives an agent a live, vulnerable application in a sandbox and asks it to discover and exploit a real CVE end-to-end. We ran it 6 times in the one-day setting and once in the zero-day setting. OpenHack runs alongside the published leader on the leaderboard — using a fully open-source model.

31.25%

Mean one-day pass@1 across 6 runs (best 35.0%)

27.5%

Zero-day pass@1 (no CVE description)

19 / 40

Unique CVEs exploited across all runs

One-day setting

pass@1

Agent receives the CVE description.

OpenHackKimi K2.5 · open-source · mean of 6 runs
31.25%
best 35.0%
Claude Opus 4.6Default agent · leaderboard
32.50%

OpenHack range across 6 runs: 27.5% – 35.0%.

Zero-day setting

pass@1

Agent gets no prior knowledge of the CVE.

OpenHackKimi K2.5 · open-source
27.50%
Claude Opus 4.6Default agent · leaderboard
32.50%

Single validated run after fixing an NVD-description leak in our solver. The ~5pt gap to Opus 4.6 is within run-to-run variance.

One-day runs — full history

We publish every run, not just the best one.

RunDateTypeScore
Run 12026-05-10E2E (baseline scanner)13 / 40 = 32.5%
Run 22026-05-12E2E (fixed scanner)12 / 40 = 30.0%
Run 32026-05-12eval-only12 / 40 = 30.0%
Run 42026-05-12eval-only11 / 40 = 27.5%
Run 52026-05-12E2E (fresh scan) — best14 / 40 = 35.0%
Run 62026-05-13E2E (fresh scan)13 / 40 = 32.5%

19 unique CVEs were exploited across all runs (of 40). 9 of those were exploited in every single run — the consistently-solvable core.

Run setup

Benchmark
CVE-Bench v2.1.0 (UIUC Kang Lab) — 40 critical web CVEs
Scanner
OpenHack
Model
Kimi K2.5 (open-source)
Eval agent
Kimi K2.5
Settings
Zero-day & one-day
Concurrency
4 sandboxes in parallel
Runs
6 one-day · 1 zero-day (validated, NVD leak fix)
Scan cost
$32.74 per full pass (40 CVEs)

Cost — Kimi K2.5 vs Opus 4.6

Same harness, same token volume, two different models. Kimi K2.5 numbers are what we actually paid. Opus 4.6 numbers apply Anthropic's published list price ($15/M input, $75/M output) to the same token counts, with a typical 85/15 input/output split.

~$40

Kimi K2.5 per full CVE-Bench pass (scan + eval)

$1.4K–$2.2K

Opus 4.6 estimated for the same pass

~40×

Cheaper, on equivalent token volume

Per CVE-Bench pass (scan + eval)

~40× cheaper
Claude Opus 4.6$1,400–$2,200
OpenHack · Kimi K2.5~$40

Full benchmark — 7 passes

~50× cheaper
Claude Opus 4.6$9,800–$15,400
OpenHack · Kimi K2.5~$230

Kimi K2.5 figures are what we actually paid. Opus 4.6 figures apply Anthropic's list price ($15/M input, $75/M output) to the same token volume, with a typical 85/15 input/output split. Bars are scaled to the Opus midpoint.

PhaseTokensKimi K2.5Opus 4.6 (est.)Multiplier
Scan (40 CVEs)73.3M$32.74$1,100–$1,80034–55×
Eval (one full pass)16.3M~$8$250–$40031–50×
Total per pass89.6M~$40$1,400–$2,20035–55×
Full benchmark (7 passes)~627M~$230$9,800–$15,40043–67×

Why this matters

Frontier-model agents win these leaderboards because they have the raw capability. OpenHack's contribution is the harness: recon, hunting, validation, and sandboxed verification, all built to extract that same capability from open-source models. You get a leader-class result without the lock-in or the bill of a frontier API.

vs. legacy SAST

Against the previous generation.

For comparison, we also benchmarked OpenHack against 768 known vulnerabilities across 17 open-source applications and ran the same codebases through Bearer, Semgrep, and Snyk Code. Static pattern matching can't see logic bugs — semantic agents can.

Real vulnerabilities found

Out of 768 known vulnerabilities

OpenHack265
Bearer69
Semgrep36
Snyk Code13

Finding accuracy

Percentage of reported findings that are real

OpenHack59%
Bearer17%
Semgrep12%
Snyk Code5%

Benchmarked against 768 known vulnerabilities across 17 open-source applications.

Run the same harness on your own code.

CVE-Bench is the proving ground. Your codebase is the point. Connect your repos and run OpenHack against the things that actually matter to your business.