@inproceedings{wang-etal-2026-vulagent,
    title = "{V}ul{A}gent: Hypothesis-Validation Driven Multi-Agent Architecture for Vulnerability Detection",
    author = "Wang, Ziliang  and
      Li, Ge  and
      Li, Jia  and
      Zhu, Hao  and
      Jin, Zhi",
    editor = "Liakata, Maria  and
      Moreira, Viviane P.  and
      Zhang, Jiajun  and
      Jurgens, David",
    booktitle = "Findings of the {A}ssociation for {C}omputational {L}inguistics: {ACL} 2026",
    month = jul,
    year = "2026",
    address = "San Diego, California, United States",
    publisher = "Association for Computational Linguistics",
    url = "https://preview.aclanthology.org/ingest-acl/2026.findings-acl.928/",
    pages = "18598--18616",
    ISBN = "979-8-89176-395-1",
    abstract = "Vulnerability detection with language models is challenging: it requires (i) precisely localizing security-sensitive code and (ii) reasoning about potential vulnerability conditions under complex, partially observed program context. We present VulAgent, a multi-agent vulnerability detection framework based on hypothesis validation. Our design is inspired by how human auditors review code: when noticing a sensitive operation, they form a hypothesis about a possible vulnerability, consider potential trigger paths, and then verify the hypothesis against the project context. Given a code unit, VulAgent first applies multi-view analyzers to identify and localize security-sensitive operations from complementary perspectives. For each sensitive operation, it then constructs an explicit vulnerability hypothesis{---}including triggering (or exploitation) preconditions and a candidate trigger path{---}and validates the hypothesis using project context together with the model{'}s general knowledge of commonly used APIs and security patterns. This validation-oriented design reduces speculative reports and substantially lowers false positives. Across PrimeVul and SVEN, VulAgent improves accuracy by 6.6 percentage points on average, increases vulnerable{--}fixed pair identification by up to 4.5x (2.46x on average), and reduces false positive rate by 36{\%} relative to recent LLM-based baselines."
}