Most vulnerability scanners use rule-based pattern matching — they look for known bad patterns like strcpy or gets. This project is different. It uses a transformer model fine-tuned on 190,000 real CVE functions to learn the semantic patterns of vulnerable code — catching bugs that rule-based tools miss entirely.
| Metric | Target | Achieved |
|---|---|---|
| F1 Score | 0.65 | 0.782 ✅ |
| Recall | 0.72 | 0.722 ✅ |
| Precision | — | 0.853 |
| Vulnerabilities caught | — | 741 / 1026 |
| False alarms | — | 128 / 32,024 |
| Inference time | < 500ms | ~250ms ✅ |
Paste any C/C++ function and get an instant vulnerability verdict with CWE classification and fix suggestion.
Automatically scans every Pull Request. Posts inline comments on vulnerable code — no manual review needed.
Real-time red squiggly underlines on vulnerable code as you type. Shows CWE ID and confidence in the status bar.
C/C++ Code
↓
CodeBERT Tokenizer (50,265 token vocabulary)
↓
Fine-tuned CodeBERT (124M parameters)
↓
Classification Head (768 → 2)
↓
Vulnerability Score + CWE Classification
↓
FastAPI → Demo UI / GitHub Action / VS Code
| Dataset | Size | Purpose |
|---|---|---|
| BigVul | 190,000+ functions | Primary training |
| 33,050 held-out functions | Never seen during training | Final evaluation |
Training data comes from real CVE commits across Chrome, Linux kernel, OpenSSL, FFmpeg, and Android — not synthetic or toy examples.
Class distribution: 16:1 clean-to-vulnerable ratio, handled with weighted cross-entropy loss.
- Base model:
microsoft/codebert-base(RoBERTa trained on code) - Fine-tuning: Full model fine-tuning with AdamW optimizer, lr=2e-5
- Classification head: Linear(768, 2) with dropout=0.1
- Token limit: 512 tokens with truncation for long functions
- Threshold: 0.9985 optimal decision boundary (tuned on validation set)
- Export: ONNX format (473MB) for platform-independent deployment
| CWE | Type | Severity |
|---|---|---|
| CWE-119 | Buffer Overflow | Critical |
| CWE-416 | Use After Free | Critical |
| CWE-125 | Out-of-Bounds Read | High |
| CWE-20 | Improper Input Validation | High |
| CWE-362 | Race Condition | High |
| CWE-476 | NULL Pointer Dereference | Medium |
| CWE-399 | Resource Management Error | Medium |
- Python 3.11
- NVIDIA GPU (tested on RTX 4050 6GB)
- Node.js 20+ (for VS Code extension)
# Clone the repo
git clone https://github.com/Tharunnxx/neural-vuln-detector
cd neural-vuln-detector
# Create environment
conda create -n vulndetect python=3.11
conda activate vulndetect
# Install dependencies
pip install torch torchvision --index-url https://download.pytorch.org/whl/cu121
pip install transformers==4.44.0 fastapi uvicorn
# Start server
python app.pyimport requests
response = requests.post(
"http://localhost:8000/predict",
json={"code": "your C/C++ function here"}
)
print(response.json())
# {
# "vulnerable": true,
# "confidence": 0.9999,
# "label": "VULNERABLE",
# "cwe_id": "CWE-476",
# "cwe_name": "NULL Pointer Dereference",
# "cwe_fix": "Always check pointer values before dereferencing.",
# "severity": "Medium",
# "inference_time_ms": 247.3
# }neural-vuln-detector/
├── app.py # FastAPI inference server
├── demo.html # Interactive web demo
├── model.onnx # ONNX exported model (473MB)
├── checkpoints/
│ └── best_model.pt # Best checkpoint (F1: 0.879 val)
├── notebooks/
│ ├── 02_data_exploration # BigVul dataset analysis
│ ├── 03_data_preprocessing # Tokenization pipeline
│ ├── 04_model_building # CodeBERT classifier
│ ├── 05_fast_training # Full training run
│ ├── 06_final_evaluation # Test set evaluation
│ └── 07_onnx_export # ONNX conversion
├── .github/workflows/
│ └── vuln-scan.yml # GitHub Action
└── vuln-detector-extension/ # VS Code extension
├── src/extension.ts
└── package.json
Built a neural code vulnerability detection engine by fine-tuning CodeBERT on BigVul (190K real CVE functions), achieving F1 0.782 and Recall 0.722 on unseen test data — deployed as a FastAPI server (sub-250ms GPU inference), a GitHub Action that auto-scans PRs with inline CWE comments, and a VS Code extension with real-time red underlines detecting CWE-476/119/416 at 100% confidence.
Python PyTorch HuggingFace Transformers FastAPI ONNX TypeScript GitHub Actions CUDA
Trained on 190K real CVEs · Deployed three ways




