English
Related papers

Related papers: VulnAgent-X: A Layered Agentic Framework for Repos…

200 papers

The application of language models to project-level vulnerability detection remains challenging, owing to the dual requirement of accurately localizing security-sensitive code and correctly correlating and reasoning over complex program…

Software Engineering · Computer Science 2025-09-16 Ziliang Wang , Ge Li , Jia Li , Hao Zhu , Zhi Jin

Software vulnerabilities continue to grow in volume and remain difficult to detect in practice. Although learning-based vulnerability detection has progressed, existing benchmarks are largely function-centric and fail to capture realistic,…

Software Engineering · Computer Science 2026-03-19 Amine Lbath

As software systems grow in complexity, security vulnerabilities have become increasingly prevalent, posing serious risks and economic costs. Although automated detection tools such as fuzzers have advanced considerably, effective…

Software Engineering · Computer Science 2026-01-21 Mingming Zhang , Xu Wang , Jian Zhang , Xiangxin Meng , Jiayi Zhang , Chunming Hu

Detecting vulnerabilities in source code remains critical yet challenging, as conventional static analysis tools construct inaccurate program representations, while existing LLM-based approaches often miss essential vulnerability context…

Software Engineering · Computer Science 2026-04-14 Yiheng Cao , Yihao Chen , Xin Hu , Bihuan Chen , Jiayi Deng , Zhuotong Zhou , Susheng Wu , Yiheng Huang , Xueying Du , Xingman Chen , Miaohua Li , Xin Peng

Large Language Models (LLMs) excel at code-related tasks but often struggle in realistic software repositories, where project-specific APIs and cross-file dependencies are crucial. Retrieval-augmented methods mitigate this by injecting…

Software Engineering · Computer Science 2026-04-22 George Ma , Anurag Koul , Qi Chen , Yawen Wu , Sachit Kuhar , Yu Yu , Aritra Sengupta , Varun Kumar , Murali Krishna Ramanathan

The integration of open-source third-party library dependencies in Java development introduces significant security risks when these libraries contain known vulnerabilities. Existing Software Composition Analysis (SCA) tools struggle to…

Software Engineering · Computer Science 2025-07-25 Wang Lingxiang , Quanzhi Fu , Wenjia Song , Gelei Deng , Yi Liu , Dan Williams , Ying Zhang

The widespread adoption of open-source software (OSS) necessitates the mitigation of vulnerability risks. Most vulnerability detection (VD) methods are limited by inadequate contextual understanding, restrictive single-round interactions,…

Cryptography and Security · Computer Science 2025-10-02 Youpeng Li , Kartik Joshi , Xinda Wang , Eric Wong

Deep Learning (DL)-based methods have proven to be effective for software vulnerability detection, with a potential for substantial productivity enhancements for detecting vulnerabilities. Current methods mainly focus on detecting single…

Software Engineering · Computer Science 2024-04-25 Xin-Cheng Wen , Xinchen Wang , Yujia Chen , Ruida Hu , David Lo , Cuiyun Gao

Detecting vulnerabilities in source code remains a critical yet challenging task, especially when benign and vulnerable functions share significant similarities. In this work, we introduce VulTrial, a courtroom-inspired multi-agent…

We propose VulnLLM-R, the~\emph{first specialized reasoning LLM} for vulnerability detection. Our key insight is that LLMs can reason about program states and analyze the potential vulnerabilities, rather than simple pattern matching. This…

Cryptography and Security · Computer Science 2025-12-09 Yuzhou Nie , Hongwei Li , Chengquan Guo , Ruizhe Jiang , Zhun Wang , Bo Li , Dawn Song , Wenbo Guo

Open-source AI libraries are foundational to modern AI systems, yet they present significant, underexamined risks spanning security, licensing, maintenance, supply chain integrity, and regulatory compliance. We introduce LibVulnWatch, a…

Cryptography and Security · Computer Science 2025-07-01 Zekun Wu , Seonglae Cho , Umar Mohammed , Cristian Munoz , Kleyton Costa , Xin Guan , Theo King , Ze Wang , Emre Kazim , Adriano Koshiyama

Automated vulnerability detection is crucial for enhancing software security by identifying potential flaws that attackers could exploit, thereby reducing the reliance on labor-intensive manual code audits. Recent advancements have shifted…

Software Engineering · Computer Science 2026-05-19 Xin Peng , Bo Lin , Jing Wang , Xiaoling Li , Jun Ma , Jie Yu , Xiaoguang Mao , Shangwen Wang

AI-based solutions demonstrate remarkable results in identifying vulnerabilities in software, but research has consistently found that this performance does not generalize to unseen codebases. In this paper, we specifically investigate the…

Cryptography and Security · Computer Science 2025-10-08 Rijha Safdar , Danyail Mateen , Syed Taha Ali , M. Umer Ashfaq , Wajahat Hussain

Software vulnerability management has become increasingly critical as modern systems scale in size and complexity. However, existing automated approaches remain insufficient. Traditional static analysis methods struggle to precisely capture…

Software Engineering · Computer Science 2026-01-27 Zelong Zheng , Jiayuan Zhou , Xing Hu , Yi Gao , Shengyi Pan

Vulnerability detection is a critical aspect of software security. Accurate detection is essential to prevent potential security breaches and protect software systems from malicious attacks. Recently, vulnerability detection methods…

Software Engineering · Computer Science 2025-04-24 Yixin Yang , Bowen Xu , Xiang Gao , Hailong Sun

Vulnerability detection tools are widely adopted in software projects, yet they often overwhelm maintainers with false positives and non-actionable reports. Automated exploitation systems can help validate these reports; however, existing…

Cryptography and Security · Computer Science 2026-02-17 Amirali Sajadi , Tu Nguyen , Kostadin Damevski , Preetha Chatterjee

Large language models demonstrate remarkable reasoning capabilities but often produce unreliable or incorrect responses. Existing verification methods are typically model-specific or domain-restricted, requiring significant computational…

Computation and Language · Computer Science 2025-08-22 Jiuzhou Han , Wray Buntine , Ehsan Shareghi

Sensitive information leakage in code repositories has emerged as a critical security challenge. Traditional detection methods that rely on regular expressions, fingerprint features, and high-entropy calculations often suffer from high…

Cryptography and Security · Computer Science 2025-12-10 Bin Wang , Hui Li , Liyang Zhang , Qijia Zhuang , Ao Yang , Dong Zhang , Xijun Luo , Bing Lin

Eliminating vulnerabilities from low-level code is vital for securing software. Static analysis is a promising approach for discovering vulnerabilities since it can provide developers early feedback on the code they write. But, it presents…

Cryptography and Security · Computer Science 2016-04-07 Bhargava Shastry , Fabian Yamaguchi , Konrad Rieck , Jean-Pierre Seifert

Penetration testing is a vital practice for identifying and mitigating vulnerabilities in cybersecurity systems, but its manual execution is labor-intensive and time-consuming. Existing large language model (LLM)-assisted or automated…

Software Engineering · Computer Science 2025-01-24 He Kong , Die Hu , Jingguo Ge , Liangxiong Li , Tong Li , Bingzhen Wu
‹ Prev 1 2 3 10 Next ›