{"paper":{"title":"PoC-Gym: Towards More Reliable LLM-Assisted Proof-of-Concept Exploit Generation","license":"http://creativecommons.org/licenses/by/4.0/","headline":"PoC-Gym generates post-hoc valid PoCs for 12 of 20 Java CVEs by requiring candidates to reach ground-truth vulnerable locations.","cross_cats":[],"primary_cat":"cs.SE","authors_text":"Amartya Das, Claire Wang, Derin Gezgin, Nevena Stojkovic, Shinhae Kim, Zhengdong Huang","submitted_at":"2026-02-04T02:59:03Z","abstract_excerpt":"Recently Large Language Models (LLMs) have been used in security-related tasks, including generating proof-of-concept (PoC) exploits. Several LLM-assisted approaches have been proposed; they typically generate PoCs from vulnerability descriptions and use additional guidance. But, such approaches are often ineffective because the signals-such as printed markers, generated files, or runtime side effects-that they use for validation may not imply that the vulnerability is triggered. Research for more reliable PoC generation is in need but yet remains challenging. We propose PoC-Gym, a pipeline fo"},"claims":{"count":4,"items":[{"kind":"strongest_claim","text":"Across 338 runs on 20 Java CVEs, PoC-Gym produces 65 post-hoc valid PoCs covering 12 CVEs; on the 14-CVE overlap with FaultLine the strongest configuration succeeds on 8 CVEs versus FaultLine's 5.","source":"verdict.strongest_claim","status":"machine_extracted","claim_id":"C1","attestation":"unclaimed"},{"kind":"weakest_assumption","text":"That reaching the ground-truth vulnerable location after a runtime-valid execution is sufficient evidence that the PoC actually triggers the reported vulnerability rather than an unrelated path.","source":"verdict.weakest_assumption","status":"machine_extracted","claim_id":"C2","attestation":"unclaimed"},{"kind":"one_line_summary","text":"PoC-Gym generates PoC exploits for Java CVEs via iterative LLM prompting with static traces and coverage feedback, yielding post-hoc valid PoCs for 12 of 20 evaluated CVEs and outperforming FaultLine on the 14-CVE overlap.","source":"verdict.one_line_summary","status":"machine_extracted","claim_id":"C3","attestation":"unclaimed"},{"kind":"headline","text":"PoC-Gym generates post-hoc valid PoCs for 12 of 20 Java CVEs by requiring candidates to reach ground-truth vulnerable locations.","source":"verdict.pith_extraction.headline","status":"machine_extracted","claim_id":"C4","attestation":"unclaimed"}],"snapshot_sha256":"bc1dd8095b36f178e0898cd757226a573e51ed53cb5a8c177b2479005faa8c96"},"source":{"id":"2602.04165","kind":"arxiv","version":2},"verdict":{"id":"263be721-1516-484f-bb0e-b82c2a7d883b","model_set":{"reader":"grok-4.3"},"created_at":"2026-05-16T08:01:56.892069Z","strongest_claim":"Across 338 runs on 20 Java CVEs, PoC-Gym produces 65 post-hoc valid PoCs covering 12 CVEs; on the 14-CVE overlap with FaultLine the strongest configuration succeeds on 8 CVEs versus FaultLine's 5.","one_line_summary":"PoC-Gym generates PoC exploits for Java CVEs via iterative LLM prompting with static traces and coverage feedback, yielding post-hoc valid PoCs for 12 of 20 evaluated CVEs and outperforming FaultLine on the 14-CVE overlap.","pipeline_version":"pith-pipeline@v0.9.0","weakest_assumption":"That reaching the ground-truth vulnerable location after a runtime-valid execution is sufficient evidence that the PoC actually triggers the reported vulnerability rather than an unrelated path.","pith_extraction_headline":"PoC-Gym generates post-hoc valid PoCs for 12 of 20 Java CVEs by requiring candidates to reach ground-truth vulnerable locations."},"references":{"count":17,"sample":[{"doi":"","year":null,"title":"touch /tmp/ code-injected","work_id":"5dbad851-e464-4792-94b5-3fc942dcca8f","ref_index":1,"cited_arxiv_id":"","is_internal_anchor":false},{"doi":"","year":2017,"title":"**Validation** - One *specific* programmatic check that confirms the goal (e.g., verify that ‘/tmp/code-injected‘ exists). Return exactly two sections in this format: ‘‘‘ ## Goal <goal sentence> ## Va","work_id":"06b1bf2e-7554-4848-b712-fd87c165cd4a","ref_index":2,"cited_arxiv_id":"","is_internal_anchor":false},{"doi":"","year":null,"title":"Provide **exactly one ** Java source file named ‘PoCTest.java‘ containing a public class ‘PoCTest‘ with a ‘main(String[] args)‘ method","work_id":"53bd4235-95ee-4fb7-88f2-60c16ea4980e","ref_index":3,"cited_arxiv_id":"","is_internal_anchor":false},{"doi":"","year":null,"title":"Do not rely on CLI arguments to switch behaviour; simply run the exploit path and report ‘[VULN]‘ on success","work_id":"d2c3811f-592e-499e-a78d-78ff44d58e5e","ref_index":4,"cited_arxiv_id":"","is_internal_anchor":false},{"doi":"","year":null,"title":"** As long as it is possible, do not import ‘java.lang.reflect","work_id":"a598a6e8-f82d-477a-a7d8-63661d3ffe7d","ref_index":5,"cited_arxiv_id":"","is_internal_anchor":false}],"resolved_work":17,"snapshot_sha256":"0844c30d9cf19d028eefa25bc38b97afb8581c6510186bc16d3cfd5278e13be9","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"}