pith. sign in
Pith Number

pith:YIMYYIHN

pith:2026:YIMYYIHNGO2E6M5DMR7WQM4MGE
not attested not anchored not stored refs resolved

MemRepair: Hierarchical Memory for Agentic Repository-Level Vulnerability Repair

Fang Liu, Li Zhang, Simiao Liu, Xiaoli Lian, Yang Liu, Yinghao Zhu

MemRepair equips LLM repair agents with three persistent memory layers so they can reuse past fixes, security patterns, and refinement paths when fixing vulnerabilities across large code repositories.

arxiv:2605.17444 v1 · 2026-05-17 · cs.SE · cs.AI · cs.CL

Open paper page JSON Open Graph Bundle Merged state What is a Pith Number?
Add to your LaTeX paper 
\usepackage{pith}
\pithnumber{YIMYYIHNGO2E6M5DMR7WQM4MGE}

Prints a linked badge after your title and injects PDF metadata. Compiles on arXiv. Learn more

Record completeness

1 Bitcoin timestamp
2 Internet Archive
3 Author claim open · sign in to claim
4 Citations open
5 Replications open
Portable graph bundle live · download bundle · merged state
The bundle contains the canonical record plus signed events. A mirror can host it anywhere and recompute the same current state with the deterministic merge algorithm.

Claims

C1strongest claim

MemRepair achieves state-of-the-art resolution rates of 58.0%, 58.2%, and 30.58% on SEC-Bench, PatchEval (Python, Go, JavaScript), and the C++ subset of Multi-SWE-bench, outperforming OpenHands, SWE-agent, and InfCode-C++ while maintaining competitive repair cost.

C2weakest assumption

The three memory layers can be retrieved and applied at runtime in a manner that produces net positive gains on complex multi-file repairs without introducing retrieval errors or excessive latency that would negate the benefit.

C3one line summary

MemRepair is a hierarchical memory-augmented agent framework that raises repository-level vulnerability repair rates to 58.0-58.2% on Python/Go/JS benchmarks and 30.58% on C++ by combining history, pattern, and refinement memories with iterative feedback.

References

60 extracted · 60 resolved · 7 Pith anchors

[1] Common Weakness Enumeration 2026
[2] National Vulnerability Database (NVD) 2026
[3] Aider. 2024. Introducing Aider. https://aider.chat/ Accessed: 2026-01-15 2024
[4] Alfred Asare Amoah and Yan Liu. 2025. Explainable Recommendation of Soft- ware Vulnerability Repair Based on Metadata Retrieval and Multifaceted LLMs. Machine Learning and Knowledge Extraction7, 4 (20 2025 · doi:10.3390/make7040149
[5] Guru Bhandari, Amara Naseer, and Leon Moonen. 2021. CVEfixes: automated collection of vulnerabilities and their fixes from open-source software. InProceed- ings of the 17th International Conference on 2021

Formal links

2 machine-checked theorem links

Receipt and verification
First computed 2026-05-20T00:04:39.198116Z
Builder pith-number-builder-2026-05-17-v1
Signature Pith Ed25519 (pith-v1-2026-05) · public key
Schema pith-number/v1.0

Canonical hash

c2198c20ed33b44f33a3647f68338c312547f3d5467d07dd5eaa6c1bfa53b94a

Aliases

arxiv: 2605.17444 · arxiv_version: 2605.17444v1 · doi: 10.48550/arxiv.2605.17444 · pith_short_12: YIMYYIHNGO2E · pith_short_16: YIMYYIHNGO2E6M5D · pith_short_8: YIMYYIHN
Agent API
Resolver JSON Graph JSON Events JSON Schema Signing key
Verify this Pith Number yourself 
curl -sH 'Accept: application/ld+json' https://pith.science/pith/YIMYYIHNGO2E6M5DMR7WQM4MGE \
  | jq -c '.canonical_record' \
  | python3 -c "import sys,json,hashlib; b=json.dumps(json.loads(sys.stdin.read()), sort_keys=True, separators=(',',':'), ensure_ascii=False).encode(); print(hashlib.sha256(b).hexdigest())"
# expect: c2198c20ed33b44f33a3647f68338c312547f3d5467d07dd5eaa6c1bfa53b94a
Canonical record JSON 
{
  "metadata": {
    "abstract_canon_sha256": "413214767acc6b2cb2cadb7eb39810c70c73388f2b1a75ec748238d21fe713c3",
    "cross_cats_sorted": [
      "cs.AI",
      "cs.CL"
    ],
    "license": "http://arxiv.org/licenses/nonexclusive-distrib/1.0/",
    "primary_cat": "cs.SE",
    "submitted_at": "2026-05-17T13:29:46Z",
    "title_canon_sha256": "031c8c3e5ebdf735586083681faccc786e1f5f9e0cb815361fb6675aecba481f"
  },
  "schema_version": "1.0",
  "source": {
    "id": "2605.17444",
    "kind": "arxiv",
    "version": 1
  }
}