{"id":"https://openalex.org/W7160521014","doi":"https://doi.org/10.48550/arxiv.2605.04251","title":"Root-Cause-Driven Automated Vulnerability Repair","display_name":"Root-Cause-Driven Automated Vulnerability Repair","publication_year":2026,"publication_date":"2026-05-05","ids":{"openalex":"https://openalex.org/W7160521014","doi":"https://doi.org/10.48550/arxiv.2605.04251"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2605.04251","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2605.04251","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2605.04251","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5135617278","display_name":"Hulin Wang","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Wang, Hulin","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5135540998","display_name":"Zion Leonahenahe Basque","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Basque, Zion Leonahenahe","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5135562835","display_name":"Jie Hu","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Hu, Jie","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5130215554","display_name":"Ati Priya Bajaj","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Bajaj, Ati Priya","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5135559786","display_name":"Yibo Liu","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Liu, Yibo","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5015185410","display_name":"Samuel Zhu","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Zhu, Samuel","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5135589475","display_name":"Giorgi Kobakhia","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Kobakhia, Giorgi","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5135591441","display_name":"Nikhil Chapre","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Chapre, Nikhil","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5135540937","display_name":"Will Rosenberg","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Rosenberg, Will","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5135558113","display_name":"Siddharth Mishra","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Mishra, Siddharth","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5135610882","display_name":"Aditya Maheshbhai Gabani","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Gabani, Aditya Maheshbhai","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5135610471","display_name":"Moritz Schloegel","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Schloegel, Moritz","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5135631044","display_name":"Adam Doup\u00e9","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Doup\u00e9, Adam","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5026842092","display_name":"Yan Shoshitaishvili","orcid":"https://orcid.org/0000-0001-8832-1789"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Shoshitaishvili, Yan","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5135546996","display_name":"Ruoyu Wang","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Wang, Ruoyu","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5076987446","display_name":"Tiffany Bao","orcid":"https://orcid.org/0000-0001-6424-0001"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Bao, Tiffany","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":16,"corresponding_author_ids":["https://openalex.org/A5135617278"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.8102999925613403,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.8102999925613403,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.0689999982714653,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.031199999153614044,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/oracle","display_name":"Oracle","score":0.5812000036239624},{"id":"https://openalex.org/keywords/codebase","display_name":"Codebase","score":0.5418000221252441},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.5274999737739563},{"id":"https://openalex.org/keywords/metric","display_name":"Metric (unit)","score":0.4593000113964081},{"id":"https://openalex.org/keywords/root-cause","display_name":"Root cause","score":0.4553000032901764},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.4505000114440918},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.4487999975681305},{"id":"https://openalex.org/keywords/root-cause-analysis","display_name":"Root cause analysis","score":0.4334000051021576},{"id":"https://openalex.org/keywords/coding","display_name":"Coding (social sciences)","score":0.4194999933242798}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7153000235557556},{"id":"https://openalex.org/C55166926","wikidata":"https://www.wikidata.org/wiki/Q2892946","display_name":"Oracle","level":2,"score":0.5812000036239624},{"id":"https://openalex.org/C51929080","wikidata":"https://www.wikidata.org/wiki/Q2425187","display_name":"Codebase","level":3,"score":0.5418000221252441},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.5274999737739563},{"id":"https://openalex.org/C176217482","wikidata":"https://www.wikidata.org/wiki/Q860554","display_name":"Metric (unit)","level":2,"score":0.4593000113964081},{"id":"https://openalex.org/C84945661","wikidata":"https://www.wikidata.org/wiki/Q7366567","display_name":"Root cause","level":2,"score":0.4553000032901764},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.4505000114440918},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.4487999975681305},{"id":"https://openalex.org/C130963320","wikidata":"https://www.wikidata.org/wiki/Q1401207","display_name":"Root cause analysis","level":2,"score":0.4334000051021576},{"id":"https://openalex.org/C179518139","wikidata":"https://www.wikidata.org/wiki/Q5140297","display_name":"Coding (social sciences)","level":2,"score":0.4194999933242798},{"id":"https://openalex.org/C71901391","wikidata":"https://www.wikidata.org/wiki/Q7126699","display_name":"Upload","level":2,"score":0.4092999994754791},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.40689998865127563},{"id":"https://openalex.org/C2779530757","wikidata":"https://www.wikidata.org/wiki/Q1207505","display_name":"Quality (philosophy)","level":2,"score":0.3955000042915344},{"id":"https://openalex.org/C189430467","wikidata":"https://www.wikidata.org/wiki/Q7293293","display_name":"Ranking (information retrieval)","level":2,"score":0.39160001277923584},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.38440001010894775},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.37049999833106995},{"id":"https://openalex.org/C115901376","wikidata":"https://www.wikidata.org/wiki/Q184199","display_name":"Automation","level":2,"score":0.365200012922287},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.3571000099182129},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3497999906539917},{"id":"https://openalex.org/C165064840","wikidata":"https://www.wikidata.org/wiki/Q1321061","display_name":"Matching (statistics)","level":2,"score":0.3472000062465668},{"id":"https://openalex.org/C153083717","wikidata":"https://www.wikidata.org/wiki/Q6535263","display_name":"Leverage (statistics)","level":2,"score":0.3188000023365021},{"id":"https://openalex.org/C117447612","wikidata":"https://www.wikidata.org/wiki/Q1412670","display_name":"Software quality","level":4,"score":0.3034999966621399},{"id":"https://openalex.org/C184898388","wikidata":"https://www.wikidata.org/wiki/Q1435712","display_name":"Pairwise comparison","level":2,"score":0.2957000136375427},{"id":"https://openalex.org/C192209626","wikidata":"https://www.wikidata.org/wiki/Q190909","display_name":"Focus (optics)","level":2,"score":0.29499998688697815},{"id":"https://openalex.org/C1009929","wikidata":"https://www.wikidata.org/wiki/Q179550","display_name":"Software bug","level":3,"score":0.2924000024795532},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.28450000286102295},{"id":"https://openalex.org/C2779338814","wikidata":"https://www.wikidata.org/wiki/Q5179285","display_name":"Covert","level":2,"score":0.28110000491142273},{"id":"https://openalex.org/C2779662365","wikidata":"https://www.wikidata.org/wiki/Q5416694","display_name":"Event (particle physics)","level":2,"score":0.2777999937534332},{"id":"https://openalex.org/C128942645","wikidata":"https://www.wikidata.org/wiki/Q1568346","display_name":"Test case","level":3,"score":0.2700999975204468},{"id":"https://openalex.org/C200601418","wikidata":"https://www.wikidata.org/wiki/Q2193887","display_name":"Reliability engineering","level":1,"score":0.265500009059906},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.26030001044273376}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2605.04251","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2605.04251","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2605.04251","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2605.04251","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[{"score":0.4226734936237335,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Recent":[0],"LLM-based":[1,67],"systems":[2],"have":[3],"made":[4],"automated":[5,131,153,196],"vulnerability":[6,197],"repair":[7,23,150,198],"increasingly":[8],"practical,":[9],"but":[10,205],"two":[11],"challenges":[12,90],"remain.":[13],"First,":[14],"without":[15],"strong":[16],"signals":[17],"about":[18],"where":[19],"a":[20,83,124,157],"bug":[21],"originates,":[22],"agents":[24,151],"drift":[25],"toward":[26],"shallow":[27],"edits":[28],"that":[29,58,87,129,167,193],"silence":[30],"the":[31,36,42,53,63,102,105,110,183],"observed":[32],"failure":[33],"while":[34,155],"leaving":[35],"underlying":[37],"defect":[38],"unresolved.":[39],"Second,":[40],"finding":[41],"root":[43,64],"cause":[44],"for":[45],"bugs":[46],"is":[47,180],"hard:":[48],"even":[49],"developers":[50],"familiar":[51],"with":[52,70,97,134],"codebase":[54],"frequently":[55],"produce":[56],"fixes":[57,174,214],"address":[59],"symptoms":[60],"rather":[61],"than":[62],"cause,":[65],"and":[66,73,175,179],"agents,":[68],"operating":[69],"noisier":[71],"context":[72],"less":[74],"program":[75],"understanding,":[76],"are":[77],"no":[78],"exception.":[79],"We":[80],"present":[81],"Kumushi,":[82],"root-cause-driven":[84],"patching":[85,203],"agent":[86],"addresses":[88],"both":[89],"by":[91],"combining":[92],"diversified":[93],"dynamic":[94],"fault":[95],"localization":[96],"evidence-weighted":[98],"ranking":[99],"to":[100,109],"focus":[101],"LLM":[103],"on":[104,141],"code":[106],"most":[107],"relevant":[108],"defect.":[111],"To":[112],"rigorously":[113],"measure":[114],"whether":[115],"Kumushi":[116,145,170],"produces":[117,171],"genuinely":[118],"better":[119],"patches,":[120,178],"we":[121],"also":[122,206],"introduce":[123],"two-tier":[125],"patch":[126],"quality":[127],"metric":[128],"pairs":[130],"oracle":[132],"validation":[133],"structured":[135],"expert":[136],"assessment":[137,163],"of":[138,185,211],"patches.":[139],"Evaluated":[140],"178":[142],"C/C++":[143],"vulnerabilities,":[144],"substantially":[146],"outperforms":[147],"prior":[148],"specialized":[149],"under":[152],"evaluation":[154,208],"matching":[156],"frontier":[158],"commercial":[159],"coding":[160],"agent.":[161],"Expert":[162],"then":[164],"reveals":[165],"differences":[166],"oracles":[168],"cannot:":[169],"more":[172],"root-cause":[173],"fewer":[176],"superficial":[177],"preferred":[181],"in":[182,195],"majority":[184],"decisive":[186],"pairwise":[187],"comparisons.":[188],"Together,":[189],"these":[190],"results":[191],"demonstrate":[192],"progress":[194],"requires":[199],"not":[200],"only":[201],"stronger":[202],"systems,":[204],"richer":[207],"methods":[209],"capable":[210],"distinguishing":[212],"genuine":[213],"from":[215],"oracle-passing":[216],"ones.":[217]},"counts_by_year":[],"updated_date":"2026-05-08T13:18:25.657630","created_date":"2026-05-08T00:00:00"}