LLMxCPG-Q

Model Description:

LLMxCPG-Q is a specialized Large Language Model designed for vulnerability analysis. It is a fine-tuned version of the Qwen2.5-Coder-32B-Instruct model, specifically trained to generate CPGQL queries for use with the Joern static analysis tool.

This model serves as the first phase of the LLMxCPG framework, which combines Code Property Graphs (CPG) with Large Language Models (LLM) for robust vulnerability detection. LLMxCPG-Q's core function is to generate precise queries that identify vulnerability-relevant execution paths in source code, enabling the creation of focused code slices.

How it Works:

The model takes a code snippet as input and outputs a valid CPGQL query. This query is then used by the Joern tool to traverse the Code Property Graph and extract a concise, vulnerability-focused code slice. This approach is highly effective because it overcomes the low-resource nature of the CPGQL language and allows for targeted program analysis.

GitHub Repository:

For more information, please visit the official GitHub repository: https://github.com/qcri/llmxcpg

Downloads last month: 250

Safetensors

Model size

33B params

Tensor type

BF16

Inference Providers NEW

This model isn't deployed by any Inference Provider. 🙋 Ask for provider support

Model tree for QCRI/LLMxCPG-Q

Base model

Qwen/Qwen2.5-32B

Finetuned

Qwen/Qwen2.5-Coder-32B

Finetuned

Qwen/Qwen2.5-Coder-32B-Instruct

Finetuned

(96)

this model

Collection including QCRI/LLMxCPG-Q

LLMxCPG

Collection

Models for the paper entitled: "LLMxCPG: Context-Aware Vulnerability Detection Through Code Property Graph-Guided Large Language Models" • 5 items • Updated 5 days ago