VLAI:基於RoBERTa的自動化漏洞嚴重性分類模型
VLAI: A RoBERTa-Based Model for Automated Vulnerability Severity Classification
July 4, 2025
作者: Cédric Bonhomme, Alexandre Dulaunoy
cs.AI
摘要
本文介绍了VLAI,一种基于Transformer的模型,可直接从文本描述中预测软件漏洞的严重程度等级。VLAI建立在RoBERTa基础之上,通过对超过60万个现实世界中的漏洞进行微调,在预测严重性类别方面达到了超过82%的准确率,从而在人工CVSS评分之前实现更快、更一致的分类。该模型及数据集已开源,并整合至Vulnerability-Lookup服务中。
English
This paper presents VLAI, a transformer-based model that predicts software
vulnerability severity levels directly from text descriptions. Built on
RoBERTa, VLAI is fine-tuned on over 600,000 real-world vulnerabilities and
achieves over 82% accuracy in predicting severity categories, enabling faster
and more consistent triage ahead of manual CVSS scoring. The model and dataset
are open-source and integrated into the Vulnerability-Lookup service.