Hacker News
FuzzingBrain V2: Multi-Agent LLM System Discovers 29 Zero-Day Vulnerabilities Across 12 Open-Source Projects
Researchers published FuzzingBrain V2 (arXiv 2605.21779), a multi-agent LLM system using MCP-based tools for automated vulnerability discovery that achieved a 90% detection rate on the AIxCC 2025 dataset (36/40 vulnerabilities) and found 29 confirmed zero-days across 12 open-source projects, with 2 receiving CVE IDs. The system combines suspicious-point abstraction for precise localization, hierarchical function analysis for coverage, and Google's OSS-Fuzz for reproducible verification — addressing the chronic false-positive problem in LLM-generated vulnerability reports.
↳ Follow the thread