File size: 3,772 Bytes
2a7e8e8 3e7f638 2a7e8e8 7076d2e 2a7e8e8 3e7f638 b0dd8fa 3e7f638 82a36b9 2a7e8e8 3e7f638 1fab624 3e7f638 7762f07 3e7f638 7762f07 3e7f638 7762f07 3e7f638 7762f07 3e7f638 7762f07 25373ed 2a7e8e8 ac0ee23 5b69448 2a7e8e8 b35fc4c b62e75e e244c56 5b69448 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 |
---
library_name: transformers
license: mit
base_model: roberta-base
tags:
- generated_from_trainer
metrics:
- accuracy
model-index:
- name: vulnerability-severity-classification-roberta-base
results: []
datasets:
- CIRCL/vulnerability-scores
---
<!-- This model card has been generated automatically according to the information the Trainer had access to. You
should probably proofread and complete it, then remove this comment. -->
# VLAI: A RoBERTa-Based Model for Automated Vulnerability Severity Classification
# Severity classification
This model is a fine-tuned version of [roberta-base](https://huggingface.co/roberta-base) on the dataset [CIRCL/vulnerability-scores](https://huggingface.co/datasets/CIRCL/vulnerability-scores).
The model was presented in the paper [VLAI: A RoBERTa-Based Model for Automated Vulnerability Severity Classification](https://huggingface.co/papers/2507.03607) [[arXiv](https://arxiv.org/abs/2507.03607)].
**Abstract:** VLAI is a transformer-based model that predicts software vulnerability severity levels directly from text descriptions. Built on RoBERTa, VLAI is fine-tuned on over 600,000 real-world vulnerabilities and achieves over 82% accuracy in predicting severity categories, enabling faster and more consistent triage ahead of manual CVSS scoring. The model and dataset are open-source and integrated into the Vulnerability-Lookup service.
You can read [this page](https://www.vulnerability-lookup.org/user-manual/ai/) for more information.
## Model description
It is a classification model and is aimed to assist in classifying vulnerabilities by severity based on their descriptions.
- Loss: 0.5084
- Accuracy: 0.8277
## How to get started with the model
```python
from transformers import AutoModelForSequenceClassification, AutoTokenizer
import torch
labels = ["low", "medium", "high", "critical"]
model_name = "CIRCL/vulnerability-severity-classification-roberta-base"
tokenizer = AutoTokenizer.from_pretrained(model_name)
model = AutoModelForSequenceClassification.from_pretrained(model_name)
model.eval()
test_description = "SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries \
that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system."
inputs = tokenizer(test_description, return_tensors="pt", truncation=True, padding=True)
# Run inference
with torch.no_grad():
outputs = model(**inputs)
predictions = torch.nn.functional.softmax(outputs.logits, dim=-1)
# Print results
print("Predictions:", predictions)
predicted_class = torch.argmax(predictions, dim=-1).item()
print("Predicted severity:", labels[predicted_class])
```
## Training procedure
### Training hyperparameters
The following hyperparameters were used during training:
- learning_rate: 3e-05
- train_batch_size: 16
- eval_batch_size: 16
- seed: 42
- optimizer: Use OptimizerNames.ADAMW_TORCH with betas=(0.9,0.999) and epsilon=1e-08 and optimizer_args=No additional optimizer arguments
- lr_scheduler_type: linear
- num_epochs: 5
### Training results
| Training Loss | Epoch | Step | Validation Loss | Accuracy |
|:-------------:|:-----:|:------:|:---------------:|:--------:|
| 0.5976 | 1.0 | 27995 | 0.6547 | 0.7422 |
| 0.4254 | 2.0 | 55990 | 0.5822 | 0.7759 |
| 0.5858 | 3.0 | 83985 | 0.5263 | 0.7982 |
| 0.4801 | 4.0 | 111980 | 0.5008 | 0.8184 |
| 0.3388 | 5.0 | 139975 | 0.5084 | 0.8277 |
### Framework versions
- Transformers 4.51.3
- Pytorch 2.7.1+cu126
- Datasets 3.6.0
- Tokenizers 0.21.1
|