VulTriage: Triple-Path Context Augmentation for LLM-Based Vulnerability Detection

Researchers introduce VulTriage, an LLM-based framework that enhances vulnerability detection in source code through triple-path context augmentation combining control flow analysis, vulnerability knowledge retrieval, and semantic summarization. The approach achieves state-of-the-art results on benchmark datasets and demonstrates strong generalization to low-resource scenarios.

VulTriage represents a meaningful advancement in automated software security by addressing a critical gap in LLM-based vulnerability detection. While large language models demonstrate strong code comprehension abilities, their raw application to vulnerability identification produces both false positives and missed detections when semantic differences between vulnerable and benign code are subtle. The framework's three-path architecture—extracting structural dependencies through AST/CFG/DFG analysis, retrieving domain-specific vulnerability patterns via hybrid retrieval, and contextualizing functional behavior—creates complementary information streams that collectively guide LLMs toward more accurate reasoning.

This work builds on growing recognition that unaugmented LLM prompting inadequately captures the multiple dimensions required for reliable security analysis. Previous approaches either relied on traditional static analysis with limited semantic understanding or attempted direct code-to-verdict LLM inference. VulTriage bridges this gap by maintaining structural rigor while leveraging LLM reasoning capabilities.

The practical implications extend across software development and security infrastructure. Development teams increasingly require scalable vulnerability detection that scales beyond expert-guided code review, particularly for organizations managing large codebases or supporting multiple programming languages. The demonstrated generalization to Kotlin and performance on class-imbalanced datasets suggests applicability across diverse real-world scenarios where vulnerability distribution mirrors production environments.

Longer-term, successful frameworks like VulTriage may influence how organizations approach security tooling integration. If adoption spreads, expect increased competition in AI-driven security analysis tools and potential consolidation where established security vendors integrate LLM-augmentation approaches into existing platforms.

• →VulTriage combines AST/CFG/DFG analysis, CWE-pattern retrieval, and semantic summarization to enhance LLM vulnerability detection accuracy.
• →The framework achieves state-of-the-art performance on PrimeVul benchmark while successfully generalizing to low-resource and class-imbalanced settings.
• →Triple-path context augmentation addresses the core problem that LLMs alone miss subtle semantic differences between vulnerable and benign code.
• →Open-source availability enables adoption across development teams and potential integration into security tooling ecosystems.
• →Strong generalization across programming languages suggests scalable enterprise applicability for vulnerability detection at scale.