The paper introduces Phoenix, a training-free multi-agent framework that detects code vulnerabilities by synthesizing project-specific behavioral contracts, significantly outperforming existing method…

DCVD proposes a dual-channel cross-modal fusion framework that jointly detects software vulnerabilities and precisely localizes the vulnerable lines, outperforming existing state-of-the-art methods.

The paper introduces an efficient, lightweight LLM framework for smart contract auditing that decouples the audit process into multiple components, achieving high accuracy while significantly reducing…

VulStyle introduces a multi-modal model that jointly encodes source code, non-terminal AST structure, and code stylometry features to achieve state-of-the-art performance in software vulnerability det…

LibScan is an automated framework that detects eight categories of smart contract library misuse by combining LLM-based semantic reasoning with rule-based analysis, achieving 85.15% accuracy on real-w…

Knowdit is a knowledge-driven, agentic framework that significantly improves smart contract vulnerability detection by modeling shared DeFi semantics and leveraging historical audit knowledge.

DeepGuard introduces a novel multi-layer semantic aggregation framework to enhance secure code generation by collecting vulnerability cues from multiple upper layers of LLMs, significantly improving s…

GoAT-X introduces a novel framework that structures cross-chain smart contract auditing as a Graph of Auditing Thoughts, significantly improving the detection of complex, semantic vulnerabilities in m…

The paper introduces Bastet, a novel, high-quality, expert-labeled dataset designed to overcome limitations in existing resources for detecting complex smart contract vulnerabilities in DeFi.

The paper introduces FAUDITOR, a specialized, self-learning fuzzer that detects complex Monetarily Exploitable Vulnerabilities (MEVuls) in smart contracts by integrating NLP-processed auditor knowledg…

This systematic mapping survey reviews label-efficient approaches for code vulnerability detection, synthesizing five paradigm families and providing a decision guide to navigate trade-offs.

This paper outlines a comprehensive research framework for smart contract security, moving beyond simple vulnerability detection to encompass advanced areas like semantic reasoning, automated repair,…

The paper proposes a novel cross-modal backdoor attack that exploits the vulnerability of lightweight connectors in multimodal LLMs, demonstrating high attack success rates across different modalities…

The paper introduces PSR extsuperscript{2}, a novel static analysis framework that significantly improves the detection of atomicity violations in smart contracts by combining structural path searchin…

The paper introduces 'abliteration,' a weight editing technique that successfully bypasses the refusal mechanism of safety-aligned Code LLMs, enabling scalable synthesis of vulnerable code from safe i…

The paper introduces Semantic Compliance Hijacking (SCH), a novel payload-less attack that exploits LLM agent supply chains by manipulating compliance rules to force unauthorized code generation, achi…

This paper empirically demonstrates that current Static Application Security Testing (SAST) tools are fundamentally unreliable against common JavaScript obfuscation techniques, showing that obfuscatio…

AttackPathGNN proposes a novel graph neural network approach to detect smart contract vulnerabilities by modeling explicit attack paths and function interactions, achieving high detection rates on sta…

The paper introduces a systematic benchmark to test LLMs' ability to recover Indicators of Compromise (IoCs) from JavaScript code, finding that while LLMs handle simple obfuscation well, encryption-ba…

NFTDELTA is a novel framework that uses multi-view learning on static code analysis to detect permission control vulnerabilities in NFT contracts with high accuracy.