zmanion
commented
6 days ago Hi and thanks for the suggestion, although I'm not sure I clearly understand it. If you're suggesting an LLM based on the CVE corpus could be used to discover new vulnerabilities I don't think that would work. We are interested in using AI/ML to imrove CVE, but would need much more specific ideas.
With the prominence of Machine Learning over the past 10 years, and the rise of Large Language Models recently which can reason (per various scholarly works), the CVE org could train a Large Language Model on it's database of vulnerabilities and create a closed source tool for the public to use as a CVE detection tool based on the best Large Language Models and CVE data.