Modeling and discovering vulnerabilities with code property graphs

representative citing papers

citing papers explorer

Showing 11 of 11 citing papers.

• Relevant Walk Search for Explaining Graph Neural Networks cs.LG · 2026-05-22 · unverdicted · none · ref 55

  Polynomial-time max-product algorithms for exact (neuron-level) and approximate (node-level) top-K relevant walk search in GNN-LRP explanations.

• SCARA: A Semantics-Constrained Autonomous Remediation Agent for Opaque Industrial Software Vulnerabilities cs.CR · 2026-05-19 · unverdicted · none · ref 39

  SCARA introduces a four-stage pipeline using state-aware verification and constrained synthesis to remediate vulnerabilities in source-unavailable industrial software, reporting 100% precision and 88.9% success on a 15-case benchmark.

• Constrained Code Generation with Discrete Diffusion cs.CL · 2026-05-16 · unverdicted · none · ref 35

  Constrained Diffusion for Code (CDC) integrates constraint satisfaction into the reverse denoising process of discrete diffusion models via constraint-aware operators that use optimization and program analysis to steer generation toward feasible programs.

• ARISE: A Repository-level Graph Representation and Toolset for Agentic Fault Localization and Program Repair cs.SE · 2026-05-04 · unverdicted · none · ref 38

  ARISE adds a data-flow-augmented repository graph and three-tier tool API to LLM agents, raising Function Recall@1 by 17 points, Line Recall@1 by 15 points, and Pass@1 repair rate to 22% on SWE-bench Lite.

• CodeComp: Structural KV Cache Compression for Agentic Coding cs.CL · 2026-04-11 · unverdicted · none · ref 15

  CodeComp uses Joern-extracted Code Property Graph priors for training-free structural KV cache compression, outperforming attention-only baselines on bug localization and code generation while matching full-context patch quality.

• NESA: Relational Neuro-Symbolic Static Program Analysis cs.PL · 2024-12-18 · conditional · none · ref 45

  NESA presents a neuro-symbolic framework that decomposes static analyses into policy-defined sub-problems solved by parsers and LLMs to enable compilation-free customizable analysis with reduced hallucinations.

• Quality-Assured Fuzz Harness Generation via the Four Principles Framework cs.CR · 2026-05-20 · unverdicted · none · ref 48

  QuartetFuzz introduces the Four Principles framework for harness correctness and deploys an autonomous LLM agent that produces verified harnesses, yielding 29 confirmed bugs across 23 projects and identifying violations in existing harnesses.

• Code-Centric Detection of Vulnerability-Fixing Commits: A Unified Benchmark and Empirical Study cs.SE · 2026-05-13 · accept · none · ref 64

  Code language models show no transferable security understanding from code diffs alone, rely on commit messages, miss over 93% of fixes at 0.5% false positive rate, and suffer large drops under group or temporal splits.

• Less Is More: Measuring How LLM Involvement affects Chatbot Accuracy in Static Analysis cs.SE · 2026-04-23 · unverdicted · none · ref 26

  A structured JSON intermediate representation for LLM-generated static analysis queries outperforms both direct generation and agentic tool use, with gains of 15-25 percentage points on large models.

• SAGE: Signal-Amplified Guided Embeddings for LLM-based Vulnerability Detection cs.CR · 2026-04-21 · unverdicted · none · ref 62

  SAGE uses sparse autoencoders to boost vulnerability signals in LLMs, raising internal SNR 12.7x and delivering up to 318% MCC gains on vulnerability detection benchmarks.

• LLM-Based Static Verification of Code Against Natural-Language Requirements: An Industrial Experience Report cs.SE · 2026-05-18 · unverdicted · none · ref 5

  The authors describe an LLM-based two-stage workflow for static verification of code against natural-language requirements via rule extraction and auditing in a cybersecurity case study.