SecVulEval is a collection of real-world C/C++ vulnerabilities curated by arag0rn from the National Vulnerability Database (NVD). The dataset features statement-level vulnerable information, context for vulnerable functions, and metadata such as CVE and CWE identifiers. It was last updated on October 10, -2025.
Use Cases
- Training models for statement-level vulnerability classification based on the is_vulnerable flag.
- Analyzing patterns and root causes of software vulnerabilities based on CWE metadata.
- Benchmarking static analysis and code review tools using real-world vulnerable and non-vulnerable function samples.
- Studying the evolution of vulnerabilities using the associated commit information.
Strengths
- Contains real-world vulnerabilities sourced from the authoritative National Vulnerability Database (NVD).
- Provides statement-level granularity for vulnerability information.
- Includes both vulnerable and non-vulnerable function samples for comparative analysis.
Limitations
- Row count, column definitions, and file formats are unknown, which may limit suitability assessment.
- Column-level documentation is absent; field semantics must be inferred after download.
- Freshness should be verified as the last update timestamp is from a future date (2025-10-10).
Provenance
- Source
- National Vulnerability Database (NVD)
- Collection Method
- Curated by collecting C/C++ vulnerabilities from NVD.
- Time Range
- null
- Freshness
- Last updated 2025-10-10 21:34:16.
- Geography
- null