Code-Centric Detection of Vulnerability-Fixing Commits: A Unified Benchmark and Empirical Study
arXiv:2605.13138v1 Announce Type: cross
Abstract: Automated detection of vulnerability-fixing commits (VFCs) is critical for timely security patch deployment, as advisory databases lag patch releases by a median of 25 days and many fixes never receive…