Policy Pulse - Issue #23 | Week of July 4, 2026
Washington lifts export controls on Anthropic's frontier cyber models two weeks after locking them down. Plus Akrites launches to absorb AI-scale disclosure and ENISA's CVE Root appoints a new CNA.
Policy Pulse - Issue #23 | Week of July 4, 2026
Your weekly briefing on cybersecurity policy affecting vulnerability disclosure and security research.
Top Story
The Gate Swings Open: US Lifts Export Controls on Anthropic's Frontier Cyber Models
Late on June 30, the Trump administration lifted the export controls it had placed on Anthropic's Mythos 5 and Fable 5 models roughly two and a half weeks earlier, and Anthropic began restoring access the following day (Forbes, CBS News). The reversal came with a warning attached: Commerce Secretary Howard Lutnick's letter to the company made clear that controls can be reimposed if circumstances change or if Anthropic fails to adhere to its commitments. During the restriction window, Mythos 5 access had been narrowed to a small group of cyber defenders and infrastructure providers (SecurityWeek).
The asymmetry is worth watching. OpenAI's GPT-5.6 Sol remains limited to a group of roughly 20 government-approved customers while its cybersecurity review runs its course (AP, SecurityWeek). In the space of three weeks, the US government restricted, re-tiered, and then released access to the most capable vulnerability-discovery models on the market, all through export-control and procurement machinery rather than any statute. Access policy is being made at wire speed, and nobody in the disclosure ecosystem gets a comment period.
Why it matters for VDP: Program operators got a two-week preview of a world where AI-discovered findings flow first to a government-approved tier, and that precedent now sits on the shelf, ready for reuse. With global access restored, expect AI-assisted submission volume to resume climbing. The intake question from Issue #22 has not gone away, it has just changed hands.
Throwback: In Issue #22, we covered the government gatekeeping of GPT-5.6 Sol and Mythos 5 as our top story; this week the gate swung open for Anthropic, while OpenAI's stayed shut.
Upcoming Deadlines & Events
| Date | Agency | Event/Deadline | Action Required | Link |
|---|---|---|---|---|
| Jul 6, 2026 | NIST | IR 8323 Rev. 2 (Foundational PNT Profile) comment period closes | Submit comments | NIST CSRC |
| Jul 8, 2026 | NIST | SP 1800-41 (Manufacturing Cyber Attack Response) comment period closes | Submit comments | NIST CSRC |
| Aug 24, 2026 | US Copyright Office | DMCA Section 1201 tenth triennial: petitions due | File renewal or expansion petitions for the security research exemption | Copyright Office |
| Aug 24, 2026 | NIST | SP 800-213 Rev. 1 (IoT product cybersecurity requirements) comments close | Submit comments | NIST CSRC |
| Aug 31, 2026 | Council of Europe | Octopus Conference 2026 registration closes (conference Oct 14-16, Strasbourg) | Register to attend | Council of Europe |
| Sep 11, 2026 | ENISA / EU | Cyber Resilience Act reporting obligations go live via the Single Reporting Platform | Manufacturers: have a working CVD policy plus 24-hour actively-exploited-vulnerability reporting ready | ENISA SRP |
| Sep 28, 2026 | US Copyright Office | DMCA Section 1201: comments on exemption renewals due | Support renewal of the security research exemption | Copyright Office |
This Week in Policy
AI & Emerging Tech Security
- Linux Foundation launches Akrites, a shared SIRT for the AI-discovery era: Around 20 founding members, including AWS, Anthropic, Google, Microsoft, OpenAI, IBM, Cisco, and Red Hat, launched Akrites on June 25 to give critical open-source projects a shared Security Incident Response Team and a single standardized coordinated disclosure process, on the explicit rationale that AI now finds vulnerabilities faster than the existing disclosure model can absorb (Linux Foundation, Help Net Security). The context: VulnCheck's analysis of Anthropic's public CVD ledger found that at the current patch rate it would take roughly 2.4 years to clear the backlog of AI-discovered findings (VulnCheck). Why it matters for VDP: this is the first purpose-built intake infrastructure designed for machine-scale discovery volume. If it works, centralized confidentiality-first intake becomes the template that individual VDPs are measured against.
Federal Strategy & Regulation
- NIST finalizes SP 800-18 Revision 2: Released June 30, the final revision expands federal system planning from a single security plan into three interconnected plans covering security, privacy, and cybersecurity supply chain risk management (NIST). Why it matters for VDP: system security plans are where federal programs document how disclosed vulnerabilities get handled; supply chain risk joining that document set pulls third-party disclosure handling into scope.
CVE & Vulnerability Programs
- ENISA's CVE Root appoints a new CNA: VulNow B.V. was formally appointed a CVE Numbering Authority under ENISA's CVE Root on July 1 (GlobeNewswire). The company matters less than the structure: ENISA is now operating as an independent CVE Root and appointing CNAs beneath it, federating CVE issuance beyond the historically US-centered MITRE structure. Why it matters for VDP: coordination and deduplication across two live roots stop being hypothetical. Programs should confirm which CNA-of-record applies to their products.
- SharePoint RCE lands on KEV with a 3-day federal deadline: CISA added CVE-2026-45659, a SharePoint Server deserialization RCE scoring CVSS 8.8, to the Known Exploited Vulnerabilities catalog on July 1 with a July 4 remediation deadline for federal civilian agencies (The Hacker News, KEV catalog). Microsoft patched it in the May 2026 cycle and had assessed it as "Exploitation Less Likely"; CISA's listing cites evidence of active exploitation. Why it matters for VDP: this is one of the first high-visibility KEV actions running on BOD 26-04's risk-based clock, and a reminder that vendor exploitability ratings are a prediction, not a guarantee.
- Seven unpatched flaws in a filesystem library embedded everywhere: runZero disclosed seven vulnerabilities in FatFs, the FAT/exFAT filesystem library that ships in firmware across security cameras, drones, industrial controllers, and hardware crypto wallets, led by CVE-2026-6682 (CVSS 7.6, a FAT32-mount integer overflow). The upstream maintainer is unresponsive, so there is no upstream fix; every downstream vendor must patch independently (The Hacker News). Why it matters for VDP: the orphaned-dependency scenario is the hardest case in multi-party coordinated disclosure, and AI-scale discovery will surface more of them.
Legal & Researcher Protections
- Canada's Bill C-8 receives Royal Assent: Canada enacted its Cyber Security Act on June 16, creating the Critical Cyber Systems Protection Act with mandatory cybersecurity programs and incident reporting to the Communications Security Establishment on a regulatory clock capped at 72 hours, for designated operators in finance, telecom, energy, and transport (Osler). The Act adds no safe harbour for external researchers, and its confidentiality-of-directions provisions could complicate disclosure around designated operators. Why it matters for VDP: a fifth of the Five Eyes just rebuilt its critical-infrastructure cyber law without researcher protections in it.
- New Zealand weighs an "illegally obtained information" offence: Following a public consultation that closed on April 19, New Zealand's government is weighing a new offence covering those who view, possess, or disseminate personal information knowing it was illegally obtained (Simpson Grierson). Why it matters for VDP: without a good-faith carve-out, researchers and threat-intel analysts who handle breach data for defensive purposes could be swept in. Drafting is the whole game here.
Worth Reading
- Anthropic's CVD Ledger: The Numbers Behind AI-Scale Discovery (VulnCheck): The empirical case that intake and remediation, not discovery, are now the binding constraint on coordinated disclosure.
- Hunting for Vulnerabilities: Call for European Protection of Security Researchers (Journal of Cybersecurity): Peer-reviewed argument that NIS2 and the CRA lack explicit researcher protections, with a two-pillar fix.
- Court Finds AI Agent May Violate State, Federal Law by Accessing Amazon Accounts (Cooley): The CFAA is being stretched to agentic tooling; anyone running autonomous testing should read this one.
- ENISA on Distributed CVE Governance (Help Net Security): Useful context for this week's VulNow appointment, straight from ENISA on why Europe is building an interoperable node rather than a fork.
Policy Pulse is a weekly bulletin from disclose.io. Keeping the security research community informed on policy that affects our work.
Have a tip or want to contribute? Reply to this email, reach out on Twitter/X, or drop a comment here!