{"id":"https://openalex.org/W7129756567","doi":"https://doi.org/10.1016/j.infsof.2026.108087","title":"PatchFuzz: Patch fuzzing for JavaScript engines","display_name":"PatchFuzz: Patch fuzzing for JavaScript engines","publication_year":2026,"publication_date":"2026-02-17","ids":{"openalex":"https://openalex.org/W7129756567","doi":"https://doi.org/10.1016/j.infsof.2026.108087"},"language":"en","primary_location":{"id":"doi:10.1016/j.infsof.2026.108087","is_oa":true,"landing_page_url":"https://doi.org/10.1016/j.infsof.2026.108087","pdf_url":null,"source":{"id":"https://openalex.org/S205010575","display_name":"Information and Software Technology","issn_l":"0950-5849","issn":["0950-5849","1873-6025"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information and Software Technology","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://doi.org/10.1016/j.infsof.2026.108087","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5126189253","display_name":"Junjie Wang","orcid":null},"institutions":[{"id":"https://openalex.org/I162868743","display_name":"Tianjin University","ror":"https://ror.org/012tb2g32","country_code":"CN","type":"education","lineage":["https://openalex.org/I162868743"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Junjie Wang","raw_affiliation_strings":["Tianjin University, Tianjin, China"],"raw_orcid":"https://orcid.org/0009-0002-3847-6760","affiliations":[{"raw_affiliation_string":"Tianjin University, Tianjin, China","institution_ids":["https://openalex.org/I162868743"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5126237673","display_name":"Zhihua Xie","orcid":null},"institutions":[{"id":"https://openalex.org/I162868743","display_name":"Tianjin University","ror":"https://ror.org/012tb2g32","country_code":"CN","type":"education","lineage":["https://openalex.org/I162868743"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhihua Xie","raw_affiliation_strings":["Tianjin University, Tianjin, China"],"raw_orcid":"https://orcid.org/0009-0002-4840-1842","affiliations":[{"raw_affiliation_string":"Tianjin University, Tianjin, China","institution_ids":["https://openalex.org/I162868743"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5126186477","display_name":"Xiaofei Xie","orcid":null},"institutions":[{"id":"https://openalex.org/I79891267","display_name":"Singapore Management University","ror":"https://ror.org/050qmg959","country_code":"SG","type":"education","lineage":["https://openalex.org/I79891267"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Xiaofei Xie","raw_affiliation_strings":["Singapore Management University, Singapore, Singapore"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Singapore Management University, Singapore, Singapore","institution_ids":["https://openalex.org/I79891267"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102717874","display_name":"Xiaoning Du","orcid":null},"institutions":[{"id":"https://openalex.org/I56590836","display_name":"Monash University","ror":"https://ror.org/02bfwt286","country_code":"AU","type":"education","lineage":["https://openalex.org/I56590836"]}],"countries":["AU"],"is_corresponding":true,"raw_author_name":"Xiaoning Du","raw_affiliation_strings":["Monash University, Melbourne, Australia"],"raw_orcid":"https://orcid.org/0000-0003-3728-9541","affiliations":[{"raw_affiliation_string":"Monash University, Melbourne, Australia","institution_ids":["https://openalex.org/I56590836"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5126176434","display_name":"Xiangwei Zhang","orcid":null},"institutions":[{"id":"https://openalex.org/I162868743","display_name":"Tianjin University","ror":"https://ror.org/012tb2g32","country_code":"CN","type":"education","lineage":["https://openalex.org/I162868743"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xiangwei Zhang","raw_affiliation_strings":["Tianjin University, Tianjin, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Tianjin University, Tianjin, China","institution_ids":["https://openalex.org/I162868743"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5102717874"],"corresponding_institution_ids":["https://openalex.org/I56590836"],"apc_list":{"value":3350,"currency":"USD","value_usd":3350},"apc_paid":{"value":3350,"currency":"USD","value_usd":3350},"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.28837209,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"194","issue":null,"first_page":"108087","last_page":"108087"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9628999829292297,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9628999829292297,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.009200000204145908,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.0066999997943639755,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.9860000014305115},{"id":"https://openalex.org/keywords/javascript","display_name":"JavaScript","score":0.7799999713897705},{"id":"https://openalex.org/keywords/focus","display_name":"Focus (optics)","score":0.5303000211715698},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.4519999921321869},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.42890000343322754},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.3163999915122986}],"concepts":[{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.9860000014305115},{"id":"https://openalex.org/C544833334","wikidata":"https://www.wikidata.org/wiki/Q2005","display_name":"JavaScript","level":2,"score":0.7799999713897705},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6935999989509583},{"id":"https://openalex.org/C192209626","wikidata":"https://www.wikidata.org/wiki/Q190909","display_name":"Focus (optics)","level":2,"score":0.5303000211715698},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5206999778747559},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.4519999921321869},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.42890000343322754},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.33660000562667847},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.3163999915122986},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.311599999666214},{"id":"https://openalex.org/C118530786","wikidata":"https://www.wikidata.org/wiki/Q1134732","display_name":"Instrumentation (computer programming)","level":2,"score":0.30799999833106995},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.2818000018596649},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.2734000086784363},{"id":"https://openalex.org/C1009929","wikidata":"https://www.wikidata.org/wiki/Q179550","display_name":"Software bug","level":3,"score":0.26589998602867126},{"id":"https://openalex.org/C2776252893","wikidata":"https://www.wikidata.org/wiki/Q1364836","display_name":"FLEX","level":2,"score":0.2624000012874603}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1016/j.infsof.2026.108087","is_oa":true,"landing_page_url":"https://doi.org/10.1016/j.infsof.2026.108087","pdf_url":null,"source":{"id":"https://openalex.org/S205010575","display_name":"Information and Software Technology","issn_l":"0950-5849","issn":["0950-5849","1873-6025"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information and Software Technology","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1016/j.infsof.2026.108087","is_oa":true,"landing_page_url":"https://doi.org/10.1016/j.infsof.2026.108087","pdf_url":null,"source":{"id":"https://openalex.org/S205010575","display_name":"Information and Software Technology","issn_l":"0950-5849","issn":["0950-5849","1873-6025"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information and Software Technology","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":4,"referenced_works":["https://openalex.org/W2766540688","https://openalex.org/W2891235722","https://openalex.org/W3212502694","https://openalex.org/W4308643023"],"related_works":[],"abstract_inverted_index":{"Patch":[0],"fuzzing":[1,23,148,208],"is":[2,58,164],"a":[3,93,193],"technique":[4],"aimed":[5],"at":[6],"identifying":[7],"vulnerabilities":[8,98,111],"that":[9],"arise":[10],"from":[11,132],"newly":[12],"patched":[13],"code.":[14],"While":[15],"researchers":[16],"have":[17,34,189],"made":[18],"efforts":[19,33],"to":[20,24,37,108,122,135,145,167,219],"apply":[21],"patch":[22,82,207],"testing":[25],"JavaScript":[26,210],"(JS)":[27],"engines":[28,188,211],"with":[29,64],"considerable":[30],"success,":[31],"these":[32,56,71,133],"been":[35,190,199],"limited":[36,147],"using":[38],"ordinary":[39],"test":[40],"cases":[41],"or":[42],"publicly":[43],"available":[44],"vulnerability":[45],"PoCs":[46,91,103,131,215],"(Proof":[47],"of":[48,55,90,92,96,162,171,179,195],"Concepts)":[49],"as":[50],"seeds,":[51],"and":[52,99,104,129,192,205,216],"the":[53,61,66,88,102,137,151,169,172,177],"sustainability":[54],"approaches":[57],"hindered":[59],"by":[60,116,212],"challenges":[62],"associated":[63],"automating":[65],"PoC":[67],"collection.":[68],"To":[69],"address":[70],"limitations,":[72],"we":[73],"propose":[74],"an":[75],"end-to-end":[76],"sustainable":[77,204],"approach":[78],"for":[79,139,209],"JS":[80,187],"engine":[81],"fuzzing,":[83,140],"named":[84],"PatchFuzz.":[85,180],"It":[86],"automates":[87],"collection":[89],"broader":[94],"range":[95],"historical":[97,214],"leverages":[100],"both":[101],"their":[105],"corresponding":[106],"patches":[107],"uncover":[109],"new":[110],"more":[112,152],"effectively.":[113],"PatchFuzz":[114,163,201],"starts":[115],"recognizing":[117],"git":[118],"commits":[119,134],"which":[120],"intend":[121],"fix":[123],"security":[124],"bugs.":[125],"Subsequently,":[126],"it":[127],"extracts":[128],"processes":[130],"form":[136],"seeds":[138],"while":[141],"utilizing":[142],"code":[143,154,223],"revisions":[144],"focus":[146,220],"resources":[149],"on":[150,221],"vulnerable":[153,222],"areas":[155],"through":[156],"selective":[157,217],"instrumentation.":[158],"The":[159],"mutation":[160],"strategy":[161],"also":[165],"optimized":[166],"maximize":[168],"potential":[170],"PoCs.":[173],"Experimental":[174],"results":[175],"demonstrate":[176],"effectiveness":[178],"Notably,":[181],"54":[182],"bugs":[183],"across":[184],"six":[185],"popular":[186],"exposed":[191],"total":[194],"$62,500":[196],"bounties":[197],"has":[198],"received.":[200],"effectively":[202],"enables":[203],"automated":[206],"leveraging":[213],"instrumentation":[218],"regions.":[224]},"counts_by_year":[],"updated_date":"2026-02-19T06:27:42.648592","created_date":"2026-02-18T00:00:00"}