Dissecting the Black Box: Circuit-Level Analysis of LLM Vulnerability Detection

Large language models LLMs can detect software vulnerabilities, but how do they actually identify vulnerable code? We address this question using mechanistic interpretability; analyzing the internal computations of a neural network to understand its reasoning process.Using Circuit Tracer on...

Exploit for SQL Injection in Drupal

CVE-2026-9082 Passive checker for CVE-2026-9082 / SA-CORE-2...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 / Copy Fail Checker 🔒 Linux kernel vulnerabili...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Strapi

CVE-2026-27886 Vulnerability Assessment Tool Safely detect wh...

CodeQL 2.25.5

Discover vulnerabilities across a codebase with CodeQL, an industry-leading semantic code analysis engine. CodeQL lets you query code as though it were data. Write a query to find all variants of a vulnerability, eradicating it forever. Then share your query to help others do the same...

Hunting Vulnerability Variants in AI Infra: Measurement and Reference-Driven Detection

AI infra has become a shared execution layer for model training, deployment, and agent orchestration. Because many projects reimplement similar model-centric workflows, a vulnerability disclosed in one repository can recur as a variant in another repository with a related design. Yet the prevalen...

Three Heads Are Better Than One: A Multi-Perspective Reasoning Framework for Enhanced Vulnerability Detection

Automated vulnerability detection is crucial for enhancing software security by identifying potential flaws that attackers could exploit, thereby reducing the reliance on labor-intensive manual code audits. Recent advancements have shifted towards leveraging large language models LLMs for...

DCVD: Dual-Channel Cross-Modal Fusion for Joint Vulnerability Detection and Localization

Software vulnerability detection plays a critical role in ensuring system security, where real-world auditing requires not only determining whether a function is vulnerable but also pinpointing the specific lines responsible. However, existing approaches either rely on a single information source...

OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation

OpenAI has launched Daybreak , a new cybersecurity initiative that brings together frontier artificial intelligence AI model capabilities and Codex Security to help organizations identify and patch vulnerabilities before attackers find a way in using the same issues. "Daybreak combines the...

Spring Office Hours Podcast: S5E15 - Upgrading Spring and OSS Security

Join Dan Vega and DaShaun Carter for the latest updates from the Spring Ecosystem. In this episode, Dan and DaShaun tackle two challenges every Spring developer faces: keeping applications up to date and staying ahead of security vulnerabilities in open source dependencies. They explore how AI...

MARGIN: Margin-Aware Regularized Geometry for Imbalanced Vulnerability Detection

Software vulnerability detection is critical for ensuring software security and reliability. Despite recent advances in deep learning, real-world vulnerability datasets suffer from two severe challenges: frequency imbalance and difficulty imbalance. We reinterpret these challenges from an embeddi...

Securing the Dark Matter: A Semantic-Enhanced Neuro-Symbolic Framework for Supply Chain Analysis of Opaque Industrial Software

Automated vulnerability detection in critical-infrastructure software confronts a fundamental barrier: industrial software is routinely deployed as stripped, symbol-free binaries that deprive conventional Software Composition Analysis of the source-level transparency it requires. Existing binary...

Exploit for Missing Authentication for Critical Function in Cpanel

CVE-2026-41940 | cPanel/WHM Authentication Bypass Detection...

Tailored Prompts, Targeted Protection: Vulnerability-Specific LLM Analysis for Smart Contracts

Smart contracts on blockchains are prone to diverse security vulnerabilities that can lead to significant financial losses due to their immutable nature. Existing detection approaches often lack flexibility across vulnerability types and rely heavily on manually crafted expert rules. In this pape...

Exploit for Missing Authentication for Critical Function in Cpanel

CVE-2026-41940 Detection & Verification !License: MIThttp...

How Code Representation Shapes False-Positive Dynamics in Cross-Language LLM Vulnerability Detection

How code representation format shapes false positive behaviour in cross-language LLM vulnerability detection remains poorly understood. We systematically vary training intensity and code representation format, comparing raw source text with pruned Abstract Syntax Trees at both training time and...

VulStyle: A Multi-Modal Pre-Training for Code Stylometry-Augmented Vulnerability Detection

We present VulStyle, a multi-modal software vulnerability detection model that jointly encodes function-level source code, non-terminal Abstract Syntax Tree AST structure, and code stylometry CStyle features. Prior work in code representation primarily leverages token-level models or full AST...

Symbolic Execution Meets Multi-LLM Orchestration: Detecting Memory Vulnerabilities in Incomplete Rust CVE Snippets

This paper presents a system combining symbolic execution KLEE with a 4-agent multi-LLM architecture for detecting memory vulnerabilities in Rust unsafe code. A central challenge we address is the incomplete-code problem: CVE database entries provide only isolated code snippets that lack struct...

A Systematic Literature Review for Transformer-Based Software Vulnerability Detection

Context: Software vulnerabilities pose significant security threats to software systems, especially as software is increasingly used across many areas of daily life, including health, government, and finance. Recently, transformer-based models have demonstrated promising results in automatic...

DarkWin-NGASR

🌌 DARKWIN — Next-Gen Automated Security Research Develope...