OpenAI releases GPT-5.5, flags high cybersecurity risk level

OpenAI released GPT-5.5 on April 23, less than two months after shipping GPT-5.4, a pace that has become routine at the frontier of artificial intelligence development. The new model centers on one distinguishing property: reduced dependence on human guidance when tackling ambiguous, multi-step tasks.

Greg Brockman, the company's president, framed this during a press briefing in operational terms. The model can take an unclear problem and determine on its own what needs to happen next. That description is less about benchmark improvements than about a design shift in how the model is intended to be deployed, closer to autonomous collaborator than prompt-response tool.

The cybersecurity risk picture

GPT-5.5 carries OpenAI's “High” cybersecurity risk classification. That sits one level below the “Critical” threshold, which the company defines as the point at which a model could open unprecedented new pathways to severe harm. A “High” rating means the model can amplify existing harm pathways, a narrower concern but still a meaningful one for deployment decisions.

The backdrop matters. PBS NewsHour reported that Anthropic's Mythos model, announced earlier in April, sharpened the entire industry's conversation around AI and security. Mythos can identify software vulnerabilities the way a skilled human security researcher would over a full workday, which led Anthropic to restrict the model to roughly 40 testing partners rather than releasing it broadly. GPT-5.5 did not trigger equivalent restrictions, but OpenAI's risk communication is clearly shaped by that context.

According to CNBC, Mia Glaese, OpenAI's vice president of research, stated the model went through extensive third-party safeguard testing and red-teaming for both cybersecurity and biological risks. Cyber safeguards were updated iteratively over months as the model grew more capable, with OpenAI working to keep pace with competitors including Google and Anthropic.

What the model actually does

The model targets compound, tool-integrated tasks: analyzing data, writing and debugging code, operating software interfaces directly, running multi-step web research, and producing structured documents. The explicit design goal of requiring less user scaffolding positions it toward agentic pipelines where the model sequences work across tools without waiting for step-by-step prompts.

Two GPT-5.5 variants appeared in llm-stats.com's tracker on April 23: the base model and a Pro version whose distinguishing features OpenAI did not publicly detail. DeepSeek also released two variants that same day, and Claude Opus 4.7 had shipped a week earlier, underscoring how compressed the current competitive cycle has become across labs.

Reading the risk classification

A “High” cybersecurity rating is not a deployment blocker, but it is a reason to review the safeguard stack before upgrading. For teams running agentic workflows, the model's greater autonomy combined with a confirmed ability to amplify harm pathways means that prompt injection defenses, output filtering, and audit logging deserve fresh evaluation rather than inherited configurations from earlier versions.

This is where the artificial intelligence review process most enterprises run hits friction. The principle articulated by Business Reporter for enterprise AI adoption applies directly: neither automatic upgrades to every new release nor prolonged dependence on versions with known weaknesses. Each generation warrants a risk-based assessment, and that work takes time that a six-to-eight-week release cadence does not easily provide.

The practical question is whether internal evaluation cycles can match the pace. If they cannot, the better decision is to anchor on a stable model generation rather than chasing each new release.

Frequently asked questions

What is GPT-5.5?
OpenAI's latest language model, released April 23, 2026, optimized for agentic workflows in coding, research, and software operation with reduced need for detailed human prompting.

What does the “High” cybersecurity risk rating mean for users?
It is OpenAI's second-highest classification, indicating the model can amplify existing pathways to severe harm but does not create entirely new ones. The “Critical” tier, which GPT-5.5 does not reach, implies unprecedented new risk vectors.

Is GPT-5.5 available to use right now?
Yes. OpenAI is rolling it out to paid subscribers, with a Pro variant available from the same release date.

How does GPT-5.5 compare to Anthropic's Mythos model?
Mythos triggered a restricted rollout due to its vulnerability-finding capabilities at human-researcher level. GPT-5.5 carries a “High” rather than the classification that prompted those access restrictions, and it is available to paying users without equivalent limits.