The field of code vulnerability detection is rapidly advancing with the integration of Large Language Models (LLMs). Recent developments have focused on improving the performance of LLMs in detecting code vulnerabilities, with a particular emphasis on few-shot learning, automatic test generation, and secure code generation. Notably, researchers are exploring innovative approaches to selecting few-shot examples, generating test harnesses, and incorporating security specifications into LLM-based vulnerability detection. These advancements have the potential to significantly improve the accuracy and reliability of code vulnerability detection, enabling developers to identify and address security flaws more effectively.
Some noteworthy papers in this area include: HarnessLLM, which proposes a two-stage training pipeline for LLMs to generate test harnesses, outperforming traditional input-output-based testing methods; VulInstruct, which achieves a 45.0% F1-score and 37.7% recall in vulnerability detection by systematically extracting security specifications from historical vulnerabilities; and LLM-Driven Adaptive Source-Sink Identification and False Positive Mitigation for Static Analysis, which reduces false positives by 43.7% and improves recall by 11.2% compared to state-of-the-art baselines.