Open-Weight Model GLM-5.2 Beats Claude Code in Vulnerability Detection Test
An open-weight model with simple prompts beat a state-of-the-art coding agent on a reasoning-intensive security task, and at a fraction of the cost.
Reporting from 1 sources: GIGAZINE.
Chinese AI company Z.ai's open-weight model GLM-5.2 outperformed Anthropic's Claude Code in a benchmark measuring detection accuracy for Insecure Direct Object Reference vulnerabilities, according to a report from cybersecurity firm Semgrep. GLM-5.2 placed third overall, ahead of multiple Claude Code configurations, with a cost per vulnerability found of about $0.17.
Semgrep tested AI models including GLM-5.2, Claude Code (Opus 4.6/4.7/4.8), and GPT-5.5 on a benchmark for Insecure Direct Object Reference detection. GLM-5.2, a mixture-of-experts model with approximately 750 billion parameters, scored 39% F1, 7 percentage points above Claude Code's 32%. Semgrep called the result the biggest surprise of the test. GLM-5.2 also cost about $0.17 per vulnerability found, roughly one-sixth the cost of comparable cutting-edge models. Z.ai released the model on June 17, and founder Jie Tang referenced the suspension of Claude Fable's service due to a U.S. government order in the announcement.
Synthesized by Yomimono from the 1 cited source below, including Japanese-language reporting where cited, then editorially reviewed before publishing.