Mohamed Diouf¹, Elisée Toe^1,*, Manel Grichi², Haïfa Nakouri^1,3, Fehmi Jaafar¹

CMC-Computers, Materials & Continua, Vol.87, No.3, 2026, DOI:10.32604/cmc.2026.077139 - 09 April 2026

Abstract Software security bugs present significant security risks to modern systems, leading to unauthorized access, data breaches, and severe operational and financial consequences. Early prediction of such vulnerabilities is therefore essential for strengthening software reliability and reducing remediation costs. This study investigates the extent to which static software quality metrics can identify vulnerable code and evaluates the effectiveness of machine learning models for large-scale security-bug prediction. We analyze a dataset of 338,442 source files, including 33,294 buggy files, collected from seven major open-source ecosystems. These ecosystems include GitHub Security Advisories (GHSA), Python Package Index (PyPI), OSS-Fuzz… More >

Joongbum Moon¹, Ji Hyeon Ahn², Moo-Ho Won^3,*

BIOCELL, Vol.50, No.3, 2026, DOI:10.32604/biocell.2025.072635 - 23 March 2026

Abstract Ischemia-reperfusion (I/R) injury induces region-specific neuronal vulnerability within the hippocampus, with the cornu ammonis 1 (CA1) subfield particularly prone to delayed neuronal death. While intrinsic neuronal factors have been implicated, emerging evidence highlights the decisive contribution of astrocyte endfeet (AEF)—specialized perivascular structures that regulate ion and water homeostasis, glutamate clearance, and blood–brain barrier (BBB) stability. This review synthesizes structural and molecular alterations of AEF across the CA1–CA3 subfields following I/R and their correlation with neuronal fate. In CA1, AEF undergo early-onset swelling and detachment from the vascular basal lamina due to dysfunction of critical proteins… More >

Yiming Yu¹, Yunfei Guo², Junchen Liu³, Yiping Sun⁴, Junliang Du^5,*

CMC-Computers, Materials & Continua, Vol.87, No.2, 2026, DOI:10.32604/cmc.2025.074959 - 12 March 2026

Abstract Graph neural networks (GNNs) have shown notable success in identifying security vulnerabilities within Ethereum smart contracts by capturing structural relationships encoded in control- and data-flow graphs. Despite their effectiveness, most GNN-based vulnerability detectors operate as black boxes, making their decisions difficult to interpret and thus less suitable for critical security auditing. The information bottleneck (IB) principle provides a theoretical framework for isolating task-relevant graph components. However, existing IB-based implementations often encounter unstable optimization and limited understanding of code semantics. To address these issues, we introduce ContractGIB, an interpretable graph information bottleneck framework for function-level vulnerability More >

Xiaoyin Li^1,#, Ruixiang Gao^1,2,3,4,#, Jiaxian Luo¹, Yongxing Guo⁵, Pinchao Luo^1,2,3,4,*

International Journal of Mental Health Promotion, Vol.28, No.2, 2026, DOI:10.32604/ijmhp.2026.074111 - 27 February 2026

Abstract Background: Exposure to environmental vulnerability poses significant threats to adolescent suicidal ideation, while individual resilience can mitigate these adverse effects with notable gender commonalities and differences. However, research examining how these factors co-configure at the individual level remains limited, particularly from a gender-specific perspective. Thus, the present study aims to adopt a person-centered analytic approach to identify gender-specific configurations of environmental vulnerability and individual resilience associated with suicidal ideation among Chinese adolescents. Methods: Data were collected from 2616 Chinese primary and secondary school students (aged 10–17; 1223 girls). Participants completed validated scales measuring environmental vulnerability, individual… More >

José Armando Santas Ciavatta, Juan Ramón Bermejo Higuera^*, Javier Bermejo Higuera, Juan Antonio Sicilia Montalvo, Tomás Sureda Riera, Jesús Pérez Melero

CMC-Computers, Materials & Continua, Vol.86, No.3, 2026, DOI:10.32604/cmc.2025.074566 - 12 January 2026

Abstract As artificial Intelligence (AI) continues to expand exponentially, particularly with the emergence of generative pre-trained transformers (GPT) based on a transformer’s architecture, which has revolutionized data processing and enabled significant improvements in various applications. This document seeks to investigate the security vulnerabilities detection in the source code using a range of large language models (LLM). Our primary objective is to evaluate the effectiveness of Static Application Security Testing (SAST) by applying various techniques such as prompt persona, structure outputs and zero-shot. To the selection of the LLMs (CodeLlama 7B, DeepSeek coder 7B, Gemini 1.5 Flash,… More >

Haoxin Sun¹, Xiao Yu^1,*, Jiale Li¹, Yitong Xu¹, Jie Yu¹, Huanhuan Li¹, Yuanzhang Li², Yu-An Tan²

CMC-Computers, Materials & Continua, Vol.86, No.2, pp. 1-15, 2026, DOI:10.32604/cmc.2025.070930 - 09 December 2025

Abstract Since the advent of smart contracts, security vulnerabilities have remained a persistent challenge, compromsing both the reliability of contract execution and the overall stability of the virtual currency market. Consequently, the academic community has devoted increasing attention to these security risks. However, conventional approaches to vulnerability detection frequently exhibit limited accuracy. To address this limitation, the present study introduces a novel vulnerability detection framework called GNNSE that integrates symbolic execution with graph neural networks (GNNs). The proposed method first constructs semantic graphs to comprehensively capture the control flow and data flow dependencies within smart contracts. More >

Yongbo Jiang, Shengnan Huang, Tao Feng, Baofeng Duan^*

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-22, 2026, DOI:10.32604/cmc.2025.069423 - 10 November 2025

Abstract In the context of modern software development characterized by increasing complexity and compressed development cycles, traditional static vulnerability detection methods face prominent challenges including high false positive rates and missed detections of complex logic due to their over-reliance on rule templates. This paper proposes a Syntax-Aware Hierarchical Attention Network (SAHAN) model, which achieves high-precision vulnerability detection through grammar-rule-driven multi-granularity code slicing and hierarchical semantic fusion mechanisms. The SAHAN model first generates Syntax Independent Units (SIUs), which slices the code based on Abstract Syntax Tree (AST) and predefined grammar rules, retaining vulnerability-sensitive contexts. Following this, through More >

Xiaohu Song¹, Zhiliang Zhu^2,*

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-19, 2026, DOI:10.32604/cmc.2025.068930 - 10 November 2025

Abstract Vulnerabilities are a known problem in modern Open Source Software (OSS). Most developers often rely on third-party libraries to accelerate feature implementation. However, these libraries may contain vulnerabilities that attackers can exploit to propagate malicious code, posing security risks to dependent projects. Existing research addresses these challenges through Software Composition Analysis (SCA) for vulnerability detection and remediation. Nevertheless, current solutions may introduce additional issues, such as incompatibilities, dependency conflicts, and additional vulnerabilities. To address this, we propose Vulnerability Scan and Protection (), a robust solution for detection and remediation vulnerabilities in Java projects. Specifically, builds… More >

Brian Mweu^1,*, John Ndia²

Journal of Cyber Security, Vol.7, pp. 417-437, 2025, DOI:10.32604/jcs.2025.071765 - 10 October 2025

Abstract Static analysis methods are crucial in developing secure software, as they allow for the early identification of vulnerabilities before the software is executed. This systematic review follows Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) 2020 guidelines to assess static analysis techniques for software security enhancement. We systematically searched IEEE Xplore, Association for Computing Machinery (ACM) Digital Library, SpringerLink, and ScienceDirect for journal articles published between 2017 and 2025. The review examines hybrid analyses and machine learning integration to enhance vulnerability detection accuracy. Static analysis tools enable early fault detection but face persistent challenges. More >

Myoung-oh Choi¹, Mincheol Shin¹, Hyonjun Kang¹, Ka Lok Man², Mucheol Kim^1,*

CMES-Computer Modeling in Engineering & Sciences, Vol.144, No.3, pp. 3191-3212, 2025, DOI:10.32604/cmes.2025.068723 - 30 September 2025

Abstract The escalating complexity and heterogeneity of modern energy systems—particularly in smart grid and distributed energy infrastructures—has intensified the need for intelligent and scalable security vulnerability classification. To address this challenge, we propose Vulnerability2Vec, a graph-embedding-based framework designed to enhance the automated classification of security vulnerabilities that threaten energy system resilience. Vulnerability2Vec converts Common Vulnerabilities and Exposures (CVE) text explanations to semantic graphs, where nodes represent CVE IDs and key terms (nouns, verbs, and adjectives), and edges capture co-occurrence relationships. Then, it embeds the semantic graphs to a low-dimensional vector space with random-walk sampling and skip-gram More >