Private-response landscape · Comparison sheet

Patching
the Commons

Four open-source-specific coordinated security initiatives launched in a five-week span — what they do, how they're built, and who gets protected first.

This comparison is drawn from each initiative's own published material; figures and claims are as the initiatives describe them and are not independently verified.

Scope  OSS-specific · coordinated Window  28 May – 26 Jun 2026 Count  4 (5 with Glasswing) Public bodies involved  0

The shape of the field

Two questions sort all four

Does the body do the work (find and fix bugs itself) or coordinate the work (pool findings from others)? And is it commercial (fixes gated to paying members first) or non-profit (fixes reach everyone at disclosure)? The commercial axis is also the embargo axis — pre-disclosure two-tier access falls out of it automatically.

CommercialNon-profit
◀ Does the work (finder / fixer) Coordinates the work (clearinghouse) ▶

Table 1

Services offered

The clearinghouse function chain, from finding a bug to getting the fix home. core marks each body's primary function.

Services offered by each initiative
Service Lightwell Patch the Planet Akrites Athena
Discovery — finds bugs itself Yes (own AI + engineers) Yes core No — ingests from Finders No — ingests from finders
Triage / dedup / enrich Yes Yes (+ HackerOne, Calif) Yes core Yes core (publishes OSV feed)
Remediation — produces the patch Yes core Yes core (writes, tests, merges) Yes (coalition engineers) Yes (private hardened rebuilds)
Non-patch mitigation — network / platform / detection Yes (via Palo Alto Networks, Jun 2026) No No Yes core (network, platform, vendor)
Coordinated disclosure Yes (coordinates upstream) Yes (via HackerOne, Calif) Yes core (single CVD) Yes (hopes to hand SIRT to LF)
Maintainer of last resort No (explicit) No Yes Yes
Fix distribution channel Commercial subscription Upstream merge (free, public) Published to namespace at disclosure Chainguard Libraries (commercial) + upstream

Table 2

Structural characteristics

How each body is owned, governed, funded, and how it handles the embargo. The embargo row is colour-coded by who is protected first.

Structural characteristics of each initiative
Dimension Lightwell Patch the Planet Akrites Athena
Lead / host IBM / Red Hat OpenAI + Trail of Bits Linux Foundation Chainguard
Launch 28 May 2026 22 Jun 2026 25 Jun 2026 late Jun 2026
Commercial model Commercial — $5bn, subscription Free to maintainers; vendor-sponsored Non-profit — dues + in-kind Commercial — members-first via paid product
Model-specific? Model-agnostic (own AI) Model-specific (GPT-5.5-Cyber, Codex) Model-agnostic Model-agnostic
OS-project role in governance None — recipients of fixes Scope control only, not governance Associate tier — lowest, non-governing, invited at Board discretion Minimal / unstated
Outside-finder intake — can a non-party report a vuln in? No — subscriber-gated customer channel N/A — it is the finder, no report-in pathway No — via members (LF membership + agreement + NDA) No — members submit via encrypted portal
Open participation — can an outside party join / apply? Pay to subscribe Yes — open application (selection discretionary) Invite / Board discretion (Associate tier) Join the coalition (membership)
Upstream relationship — where / when the fix lands Backport-first — signed patches to pinned versions for subscribers; upstream commit secondary Upstream-first — writes, tests & merges into the project's own repo from the start Upstream at disclosure — published to the project's namespace at the single window Private-build-first — hardened builds via Chainguard Libraries pre-disclosure; upstream reconciled later
Namespace authority — power asserted over the project None claimed None claimed Maintainer of last resort (bounds unstated) Maintainer of last resort (bounds unstated)
Embargo / pre-disclosure access Members-first — subscribers get validated + preemptive virtual patches before public Equal — standard CVD, no members-first tier Equal — TLP:RED to all until one disclosure window Members-first — private builds before disclosure; public gets mitigations only
Public-body / national-CSIRT involvement None None None — runs on CERT/CC's VINCE & names FIRST, but no CSIRT participates None
Finder feeds accepted Own (+ acts as a Finder into Akrites) Own (OpenAI) Glasswing, MITRE/CVE, Lightwell, FIRST All frontier models incl. Glasswing, Daybreak
Stated scale 20,000+ engineers; 11 banks; Maven/Java → PyPI, npm, Go 30+ projects; 51 significant / 19 fixed in week 1 ~20 founding members (largely LF sub-foundations) 24+ members; 20k findings / 2k patches / 500 projects
Members-first — public protected last (commercial gating / pre-embargo asymmetry) Equal — single embargo, fixes reach everyone at disclosure

Two constants across all four

What none of them have

Whatever else differs, two cells read the same down every column — and together they are the sovereignty argument in two rows.

0

Real governance power for OS projects

In all four, the maintainers the systems exist to serve are recipients or scope-setters, never governors. Akrites makes it most explicit — the unpaid Associate tier, admitted at the Governing Board's discretion.

0

Public body or national CSIRT

No government, EU institution, or national CSIRT sits inside any of the four — even though coordinated disclosure is historically the CSIRT/CERT mandate. Akrites even runs on CERT/CC's VINCE tooling while excluding the CSIRTs themselves. The whole response is privately governed and US-anchored.

Sources

Project announcement pages

Primary launch materials for each initiative.

Patch the Planet

OpenAI / Trail of Bits · 22 Jun 2026

OpenAI announcement Trail of Bits announcement

Akrites

Linux Foundation · 25 Jun 2026

Launch press release Site & framework Open letter

Athena

Chainguard · late Jun 2026

Coalition announcement