English
Related papers

Related papers: VulnAgent-X: A Layered Agentic Framework for Repos…

200 papers

Large Language Models (LLMs) have training corpora containing large amounts of program code, greatly improving the model's code comprehension and generation capabilities. However, sound comprehensive research on detecting program…

Cryptography and Security · Computer Science 2024-08-22 Yu Liu , Lang Gao , Mingxin Yang , Yu Xie , Ping Chen , Xiaojin Zhang , Wei Chen

Although LLMs have shown promising potential in vulnerability detection, this study reveals their limitations in distinguishing between vulnerable and similar-but-benign patched code (only 0.06 - 0.14 accuracy). It shows that LLMs struggle…

Software Engineering · Computer Science 2025-06-18 Xueying Du , Geng Zheng , Kaixin Wang , Yi Zou , Yujia Wang , Wentai Deng , Jiayi Feng , Mingwei Liu , Bihuan Chen , Xin Peng , Tao Ma , Yiling Lou

As software systems grow in scale and complexity, vulnerability management is increasingly strained by high alert volumes, fragmented toolchains, and manual triage processes. We introduce AgenticVM, a multi-agent framework that integrates…

Cryptography and Security · Computer Science 2026-05-05 Asrul Arifin , Hussain Ahmad , Yiyao Zhang , Diksha Goel

Software vulnerability detection is critical in software security because it identifies potential bugs in software systems, enabling immediate remediation and mitigation measures to be implemented before they may be exploited. Automatic…

Software Engineering · Computer Science 2023-06-21 Nima Shiri Harzevili , Alvine Boaye Belle , Junjie Wang , Song Wang , Zhen Ming , Jiang , Nachiappan Nagappan

Automating software vulnerability detection (SVD) remains a critical challenge in an era of increasingly complex and interdependent software systems. Despite significant advances in Large Language Models (LLMs) for code analysis, prevailing…

Software Engineering · Computer Science 2025-03-25 Arastoo Zibaeirad , Marco Vieira

The widespread adoption of open-source software (OSS) has accelerated software innovation but also increased security risks due to the rapid propagation of vulnerabilities and silent patch releases. In recent years, large language models…

Cryptography and Security · Computer Science 2025-11-12 Junxiao Han , Zheng Yu , Lingfeng Bao , Jiakun Liu , Yao Wan , Jianwei Yin , Shuiguang Deng , Song Han

Automatically locating vulnerable statements in source code is crucial to assure software security and alleviate developers' debugging efforts. This becomes even more important in today's software ecosystem, where vulnerable code can flow…

Software Engineering · Computer Science 2022-01-14 Yangruibo Ding , Sahil Suneja , Yunhui Zheng , Jim Laredo , Alessandro Morari , Gail Kaiser , Baishakhi Ray

The evolution of Large Language Model (LLM) agents for software engineering (SWE) is constrained by the scarcity of verifiable datasets, a bottleneck stemming from the complexity of constructing executable environments across diverse…

Software Engineering · Computer Science 2026-02-03 Chuanzhe Guo , Jingjing Wu , Sijun He , Yang Chen , Zhaoqi Kuang , Shilong Fan , Bingjin Chen , Siqi Bao , Jing Liu , Hua Wu , Qingfu Zhu , Wanxiang Che , Haifeng Wang

What should a developer inspect before deploying an LLM agent: the model, the tool code, the deployment configuration, or all three? In practice, many security failures in agent systems arise not from model weights alone, but from the…

Cryptography and Security · Computer Science 2026-03-25 Haiyue Zhang , Yi Nian , Yue Zhao

Software debugging is a time-consuming endeavor involving a series of steps, such as fault localization and patch generation, each requiring thorough analysis and a deep understanding of the underlying logic. While large language models…

Software Engineering · Computer Science 2025-11-19 Cheryl Lee , Chunqiu Steven Xia , Longji Yang , Jen-tse Huang , Zhouruixin Zhu , Lingming Zhang , Michael R. Lyu

In recent years, more vulnerabilities have been discovered every day, while manual vulnerability repair requires specialized knowledge and is time-consuming. As a result, many detected or even published vulnerabilities remain unpatched,…

Software Engineering · Computer Science 2025-04-11 Zhengyao Liu , Yunlong Ma , Jingxuan Xu , Junchen Ai , Xiang Gao , Hailong Sun , Abhik Roychoudhury

As software becomes increasingly complex and prone to vulnerabilities, automated vulnerability detection is critically important, yet challenging. Given the significant successes of large language models (LLMs) in various tasks, there is…

Artificial Intelligence · Computer Science 2023-12-25 Zeyu Gao , Hao Wang , Yuchen Zhou , Wenyu Zhu , Chao Zhang

Automated detection of software vulnerabilities is critical for enhancing security, yet existing methods often struggle with the complexity and diversity of modern codebases. In this paper, we introduce EnStack, a novel ensemble stacking…

Software Engineering · Computer Science 2024-11-26 Shahriyar Zaman Ridoy , Md. Shazzad Hossain Shaon , Alfredo Cuzzocrea , Mst Shapna Akter

Large Language Models (LLMs) have shown promise in tasks like code translation, prompting interest in their potential for automating software vulnerability detection (SVD) and patching (SVP). To further research in this area, establishing a…

Software Engineering · Computer Science 2024-09-18 Arastoo Zibaeirad , Marco Vieira

Software vulnerabilities can result in catastrophic cyberattacks that increasingly threaten business operations. Consequently, ensuring the safety of software systems has become a paramount concern for both private and public sectors.…

Software Engineering · Computer Science 2024-12-10 Boyu Zhang , Triet H. M. Le , M. Ali Babar

Open-source software vulnerability patch detection is a critical component for maintaining software security and ensuring software supply chain integrity. Traditional manual detection methods face significant scalability challenges when…

Software Engineering · Computer Science 2025-09-30 Haoran Xu , Chen Zhi , Junxiao Han , Xinkui Zhao , Jianwei Yin , Shuiguang Deng

Software Vulnerability (SV) assessment is a crucial process of determining different aspects of SVs (e.g., attack vectors and scope) for developers to effectively prioritize efforts in vulnerability mitigation. It presents a challenging and…

Software Engineering · Computer Science 2025-01-28 Xin-Cheng Wen , Jiaxin Ye , Cuiyun Gao , Lianwei Wu , Qing Liao

Similar vulnerability repeats in real-world software products because of code reuse, especially in wildly reused third-party code and libraries. Detecting repeating vulnerabilities like 1-day and N-day vulnerabilities is an important cyber…

Cryptography and Security · Computer Science 2024-01-19 Zian Liu , Lei Pan , Chao Chen , Ejaz Ahmed , Shigang Liu , Jun Zhang , Dongxi Liu

Large language model (LLM) agents are vulnerable to prompt-injection attacks that propagate through multi-step workflows, tool interactions, and persistent context, making input-output filtering alone insufficient for reliable protection.…

Artificial Intelligence · Computer Science 2026-04-21 Hailin Liu , Eugene Ilyushin , Jie Ni , Min Zhu

Large vision-language model (LVLM)-based web agents are emerging as powerful tools for automating complex online tasks. However, when deployed in real-world environments, they face serious security risks, motivating the design of security…

Cryptography and Security · Computer Science 2026-04-15 Zonghao Ying , Yangguang Shao , Jianle Gan , Gan Xu , Wenxin Zhang , Quanchen Zou , Junzheng Shi , Zhenfei Yin , Mingchuan Zhang , Aishan Liu , Xianglong Liu