# Awesome-LLMs-for-Vulnerability-Detection **Repository Path**: jiumao-admin/Awesome-LLMs-for-Vulnerability-Detection ## Basic Information - **Project Name**: Awesome-LLMs-for-Vulnerability-Detection - **Description**: No description available - **Primary Language**: Unknown - **License**: Not specified - **Default Branch**: main - **Homepage**: None - **GVP Project**: No ## Statistics - **Stars**: 0 - **Forks**: 0 - **Created**: 2026-01-06 - **Last Updated**: 2026-01-06 ## Categories & Tags **Categories**: Uncategorized **Tags**: None ## README # Awesome Large Language Models for Vulnerability Detection | Title | Venue | Year | Paper | Github | | :----------------------------------------------------------: | :----------: | :--: | :----------------------------------------------------------: | :----------------------------------------------------------: | | From Large to Mammoth: A Comparative Evaluation of Large Language Models in Vulnerability Detection | NDSS | 2025 | [link](https://www.ndss-symposium.org/ndss-paper/from-large-to-mammoth-a-comparative-evaluation-of-large-language-models-in-vulnerability-detection/) | | | Benchmarking LLMs and LLM-based Agents in Practical Vulnerability Detection for Code Repositories | ACL | 2025 | [link](https://aclanthology.org/2025.acl-long.1490/) | [link](https://github.com/alperen21/JitVul) | | A Systematic Literature Review on Detecting Software Vulnerabilities with Large Language Models | | 2025 | [link](https://arxiv.org/abs/2507.22659) | [link](https://github.com/hs-esslingen-it-security/Awesome-LLM4SVD) | | LLMxCPG: Context-Aware Vulnerability Detection Through Code Property Graph-Guided Large Language Models | Usenix | 2025 | [link](https://arxiv.org/abs/2507.16585) | [link](https://github.com/qcri/llmxcpg) | | CLeVeR: Multi-modal Contrastive Learning for Vulnerability Code Representation | ACL Findings | 2025 | [link](https://aclanthology.org/2025.findings-acl.414/) | [link](https://github.com/yoimiya-nlp/CLeVeR) | | Mono: Is Your "Clean" Vulnerability Dataset Really Solvable? Exposing and Trapping Undecidable Patches and Beyond | | 2025 | [link](https://arxiv.org/abs/2506.03651) | [link](https://github.com/vul337/mono) | | Learning to Focus: Context Extraction for Efficient Code Vulnerability Detection with Language Models | | 2025 | [link](https://arxiv.org/abs/2505.17460) | | | SV-TrustEval-C: Evaluating Structure and Semantic Reasoning in Large Language Models for Source Code Vulnerability Analysis | SP | 2025 | [link](https://arxiv.org/abs/2505.20630) | [link](https://github.com/Jackline97/SV-TrustEval-C) | | SecVulEval: Benchmarking LLMs for Real-World C/C++ Vulnerability Detection | | 2025 | [link](https://arxiv.org/abs/2505.19828) | [link](https://github.com/basimbd/secvuleval) | | CVE-Bench: Benchmarking LLM-based Software Engineering Agent’s Ability to Repair Real-World CVE Vulnerabilities | NAACL | 2025 | [link](https://aclanthology.org/2025.naacl-long.212/) | [link](https://github.com/WhileBug/CVEBench) | | R2Vul: Learning to Reason about Software Vulnerabilities with Reinforcement Learning and Structured Reasoning Distillation | | 2025 | [link](https://arxiv.org/abs/2504.04699) | [link](https://github.com/martin-wey/R2Vul) | | Automated static vulnerability detection via a holistic neuro-symbolic approach | | 2025 | [link](https://arxiv.org/abs/2504.16057) | | | Context-Enhanced Vulnerability Detection Based on Large Language Model | | 2025 | [link](https://arxiv.org/abs/2504.16877) | | | Everything you wanted to know about LLM-based vulnerability detection but were afraid to ask | | 2025 | [link](https://arxiv.org/abs/2504.13474) | [link](https://anonymous.4open.science/r/CORRECT/README.md) | | MOS: Towards Effective Smart Contract Vulnerability Detection through Mixture-of-Experts Tuning of Large Language Models | | 2025 | [link](https://arxiv.org/abs/2504.12234) | | | Abundant modalities offer more nutrients: multi-modal-based function-level vulnerability detection | TOSEM | 2025 | [link](https://dl.acm.org/doi/10.1145/3731557) | [link](https://github.com/vinci-grape/MVulD) | | Generative Large Language Model usage in Smart Contract Vulnerability Detection | | 2025 | [link](https://arxiv.org/abs/2504.04685) | | | Closing the Gap: A User Study on the Real-world Usefulness of AI-powered Vulnerability Detection & Repair in the IDE | ICSE | 2025 | [link](https://www.arxiv.org/abs/2412.14306) | [link](https://doi.org/10.6084/m9.figshare.26367139) | | Vulnerability Detection with Code Language Models: How Far Are We? | ICSE | 2025 | [link](https://arxiv.org/abs/2403.18624) | [link](https://github.com/DLVulDet/PrimeVul) | | Combining Fine-Tuning and LLM-based Agents for Intuitive Smart Contract Auditing with Justifications | ICSE | 2025 | [link](https://arxiv.org/abs/2403.16073) | | | LAMD: Context-driven Android Malware Detection and Classification with LLMs | | 2025 | [link](http://arxiv.org/abs/2502.13055) | | | LLMs in Software Security: A Survey of Vulnerability Detection Techniques and Insights | | 2025 | [link](https://arxiv.org/abs/2502.07049) | [link](https://github.com/OwenSanzas/LLM-For-Software-Security) | | One-for-All Does Not Work! Enhancing Vulnerability Detection by Mixture-of-Experts (MoE) | | 2025 | [link](https://arxiv.org/abs/2501.16454) | | | Leveraging Semantic Relations in Code and Data to Enhance Taint Analysis of Embedded Systems | Usenix | 2024 | [link](https://www.usenix.org/system/files/usenixsecurity24-zhao.pdf) | [link](https://sites.google.com/view/lara-data) | | Effective Vulnerable Function Identification based on CVE Description Empowered by Large Language Models | ASE | 2024 | [link](https://doi.org/10.1145/3691620.3695013) | [link](https://github.com/CGCL-codes/VFFinder) | | SCALE: Constructing Structured Natural Language Comment Trees for Software Vulnerability Detection | ISSTA | 2024 | [link](https://doi.org/10.1145/3650212.3652124) | [link](https://github.com/Xin-Cheng-Wen/Comment4Vul) | | LLMDFA: Analyzing Dataflow in Code with Large Language Model | NeurIPS | 2024 | [link](https://chengpeng-wang.github.io/publications/LLMDFA_NeurIPS2024.pdf) | [link](https://github.com/chengpeng-wang/LLMDFA) | | Learning to Detect and Localize Multilingual Bugs | FSE | 2024 | [link](https://doi.org/10.1145/3660804) | | | GPTScan: Detecting Logic Vulnerabilities in Smart Contracts by Combining GPT with Program Analysis | ICSE | 2024 | [link](https://doi.org/10.1145/3597503.3639117) | | | Sanitizing Large Language Models in Bug Detection with Data-Flow | EMNLP | 2024 | [link](https://aclanthology.org/2024.findings-emnlp.217/) | [link](https://github.com/chengpeng-wang/LLMSAN) | | RealVul: Can We Detect Vulnerabilities in Web Applications with LLM? | EMNLP | 2024 | [link](https://aclanthology.org/2024.emnlp-main.472) | | | Where is it? Tracing the Vulnerability-relevant Files from Vulnerability Reports | ICSE | 2024 | [link](https://doi.org/10.1145/3597503.3639202) | [link](https://github.com/anonymous-77400046/vulnerability_file_trace) | | Dataflow Analysis-Inspired Deep Learning for Efficient Vulnerability Detection | ICSE | 2024 | [link](https://doi.org/10.1145/3597503.3623345) | [link](https://doi.org/10.6084/m9.figshare.21225413) | | Pre-training by Predicting Program Dependencies for Vulnerability Analysis Tasks | ICSE | 2024 | [link](https://doi.org/10.1145/3597503.3639142) | [link](https://github.com/ZJU-CTAG/PDBERT) | | Investigating Large Language Models for Code Vulnerability Detection: An Experimental Study | | 2024 | [link](https://arxiv.org/abs/2412.18260) | [link](https://github.com/SakiRinn/LLM4CVD) | | CleanVul: Automatic Function-Level Vulnerability Detection in Code Commits Using LLM Heuristics | | 2024 | [link](https://arxiv.org/abs/2411.17274) | [link](https://github.com/yikun-li/CleanVul) | | An Empirical Study of Vulnerability Detection using Federated Learning | | 2024 | [link](https://arxiv.org/abs/2411.16099) | | | LLM-SmartAudit: Advanced Smart Contract Vulnerability Detection | | 2024 | [link](https://arxiv.org/abs/2410.09381) | [link](https://github.com/LLMAudit/LLMSmartAuditTool) | | Advancing Bug Detection in Fastjson2 with Large Language Models Driven Unit Test Generation | | 2024 | [link](https://arxiv.org/abs/2410.09414) | | | Large Language Model for Vulnerability Detection and Repair: Literature Review and the Road Ahead | | 2024 | [link](https://arxiv.org/abs/2404.02525) | | | StagedVulBERT: Multi-Granular Vulnerability Detection with a Novel Pre-trained Code Model | | 2024 | [link](https://arxiv.org/abs/2410.05766) | [link](https://github.com/YuanJiangGit/StagedVulBERT) | | LLM4Vuln: A Unified Evaluation Framework for Decoupling and Enhancing LLMs' Vulnerability Reasoning | | 2024 | [link](https://arxiv.org/abs/2401.16185) | | | Enhancing Source Code Security with LLMs: Demystifying The Challenges and Generating Reliable Repairs | | 2024 | [link](https://arxiv.org/abs/2409.00571) | | | Outside the Comfort Zone: Analysing LLM Capabilities in Software Vulnerability Detection | | 2024 | [link](https://arxiv.org/abs/2408.16400) | | | ANVIL: Anomaly-based Vulnerability Identification without Labelled Training Data | | 2024 | [link](https://arxiv.org/abs/2408.16028) | | | Top Score on the Wrong Exam: On Benchmarking in Machine Learning for Vulnerability Detection | | 2024 | [link](https://arxiv.org/abs/2408.12986) | | | Comparison of Static Application Security Testing Tools and Large Language Models for Repo-level Vulnerability Detection | | 2024 | [link](https://arxiv.org/abs/2407.16235) | | | Vul-RAG: Enhancing LLM-based Vulnerability Detection via Knowledge-level RAG | | 2024 | [link](https://arxiv.org/abs/2406.11147) | | | Security Vulnerability Detection with Multitask Self-Instructed Fine-Tuning of Large Language Models | | 2024 | [link](https://arxiv.org/abs/2406.05892) | | | Generalization-Enhanced Code Vulnerability Detection via Multi-Task Instruction Fine-Tuning | ACL Findings | 2024 | [link](https://aclanthology.org/2024.findings-acl.625/) | [link](https://github.com/CGCL-codes/VulLLM) | | M2CVD: Enhancing Vulnerability Semantic through Multi-Model Collaboration for Code Vulnerability Detection | | 2024 | [link](https://arxiv.org/abs/2406.05940) | [link](https://github.com/HotFrom/M2CVD) | | VulDetectBench: Evaluating the Deep Capability of Vulnerability Detection with Large Language Models | | 2024 | [link](https://arxiv.org/abs/2406.07595) | [link](https://github.com/Sweetaroo/VulDetectBench) | | LLM-Assisted Static Analysis for Detecting Security Vulnerabilities | | 2024 | [link](https://arxiv.org/abs/2405.17238) | | | Multi-role Consensus through LLMs Discussions for Vulnerability Detection | | 2024 | [link](https://arxiv.org/abs/2403.14274) | [link](https://github.com/rockmao45/llmvulndetection) | | LLMs Cannot Reliably Identify and Reason About Security Vulnerabilities (Yet?): A Comprehensive Evaluation, Framework, and Benchmarks | IEEE S&P | 2024 | [link](https://www.computer.org/csdl/proceedings-article/sp/2024/313000a019/1RjE9Wb4Wze) | [link](https://github.com/ai4cloudops/secllmholmes) | | Large Language Model for Vulnerability Detection: Emerging Results and Future Directions | ICSE | 2024 | [link](https://dl.acm.org/doi/abs/10.1145/3639476.3639762) | | | Prompt-Enhanced Software Vulnerability Detection Using ChatGPT | ICSE | 2024 | [link](https://dl.acm.org/doi/10.1145/3639478.3643065) | | | DLAP: A Deep Learning Augmented Large Language Model Prompting Framework for Software Vulnerability Detection | | 2024 | [link](https://arxiv.org/abs/2405.01202) | | | Harnessing Large Language Models for Software Vulnerability Detection: A Comprehensive Benchmarking Study | | 2024 | [link](https://arxiv.org/abs/2405.15614) | | | Enhancing Static Analysis for Practical Bug Detection: An LLM-Integrated Approach | OOPSLA | 2024 | [link](https://dl.acm.org/doi/10.1145/3649828) | [link](https://github.com/seclab-ucr/LLift) | | Source Code Vulnerability Detection: Combining Code Language Models and Code Property Graphs | | 2024 | [link](https://arxiv.org/abs/2404.14719) | [link](https://github.com/vul-lmgnn/vul-lmggnn) | | Enhancing Code Vulnerability Detection via Vulnerability-Preserving Data Augmentation | LCTES | 2024 | [link](https://dl.acm.org/doi/10.1145/3652032.3657564) | | | VulEval: Towards Repository-Level Evaluation of Software Vulnerability Detection | | 2024 | [link](https://arxiv.org/abs/2404.15596) | | | Large Language Model for Vulnerability Detection and Repair: Literature Review and the Road Ahead | | 2024 | [link](https://arxiv.org/abs/2404.02525) | | | A Comprehensive Study of the Capabilities of Large Language Models for Vulnerability Detection | | 2024 | [link](https://arxiv.org/abs/2403.17218) | | | Chain-of-Thought Prompting of Large Language Models for Discovering and Fixing Software Vulnerabilities | | 2024 | [link](https://arxiv.org/abs/2402.17230) | | | Finetuning Large Language Models for Vulnerability Detection | | 2024 | [link](https://arxiv.org/abs/2401.17010) | [link](https://github.com/rmusab/vul-llm-finetune) | | How Far Have We Gone in Vulnerability Detection Using Large Language Models | | 2023 | [link](https://arxiv.org/abs/2311.12420) | [link](https://github.com/Hustcw/VulBench) | | Transformer-based Vulnerability Detection in Code at EditTime: Zero-shot, Few-shot, or Fine-tuning? | | 2023 | [link](https://arxiv.org/abs/2306.01754) | | | Software Vulnerability Detection using Large Language Models | IEEE | 2023 | [link](https://ieeexplore.ieee.org/abstract/document/10301302) | | | DiverseVul: A New Vulnerable Source Code Dataset for Deep Learning Based Vulnerability Detection | RAID | 2023 | [link](https://dl.acm.org/doi/abs/10.1145/3607199.3607242) | | | VulBERTa: Simplified Source Code Pre-Training for Vulnerability Detection | IEEE | 2022 | [link](https://ieeexplore.ieee.org/abstract/document/9892280) | | | Deep Learning Based Vulnerability Detection: Are We There Yet? | IEEE | 2022 | [link](https://ieeexplore.ieee.org/abstract/document/9448435) | | | Transformer-Based Language Models for Software Vulnerability Detection | ACSAC | 2022 | [link](https://dl.acm.org/doi/abs/10.1145/3564625.3567985) | | | Software Vulnerability Detection Using Deep Neural Networks: A Survey | IEEE | 2020 | [link](https://ieeexplore.ieee.org/abstract/document/9108283) | | | Devign: effective vulnerability identification by learning comprehensive program semantics via graph neural networks | NeurIPS | 2019 | [link](https://dl.acm.org/doi/abs/10.5555/3454287.3455202) | | | μμVulDeePecker: A Deep Learning-Based System for Multiclass Vulnerability Detection | IEEE | 2019 | [link](https://ieeexplore.ieee.org/abstract/document/8846081) | | | VulDeePecker: A Deep Learning-Based System for Vulnerability Detection | NDSS | 2018 | [link](https://www.ndss-symposium.org/wp-content/uploads/2018/02/ndss2018_03A-2_Li_paper.pdf) | | # arxiv.md Automated daily capture and update of Arxiv papers for specified keywords through workflows. # Acknowledgements The project's Updated Arxiv Papers Daily workflow borrows from this project [LLM4SE](https://github.com/gai4se/LLM4SE). I refactored its original code by using the [arxiv](https://github.com/lukasschwab/arxiv.py) library.