ABSTRACT Vulnerability detection in software code is essential across multiple programming languages. However, existing approaches often introduce security vulnerabilities, as they rely only on token‐based analysis, and most existing models were developed for specific programming languages. This study develops an enhanced vulnerability detection framework that incorporates a graph‐based representation and a tokenized representation for effective vulnerability detection across multiple programming languages. An enhanced vulnerability detection framework is proposed in this study that leverages code property graphs (CPGs) and graph attention networks (GATs) to capture structural code relationships, while byte pair encoding (BPE) and CodeT5+ perform token‐level vulnerability detection. The fusion of graph‐based and token‐based representations improves accuracy in identifying security flaws such as buffer overflows, injection attacks and memory leaks. To evaluate the efficacy of the proposed vulnerability detection framework, we conducted an experimental study on three vulnerability datasets. The three datasets detect the vulnerabilities with an accuracy of 96.71%, 98.80% and 95.84%. This shows that the proposed model effectively detects vulnerability across multiple programming languages.
A et al. (Fri,) studied this question.