- The paper introduces KeaRepair, a knowledge-enhanced system that integrates dual-view vulnerability analysis with iterative, tool-augmented diagnosis for automated patch generation.
- The methodology combines static analysis with retrieval-augmented exemplar matching, achieving an 83.64% repair rate on the Vul4C benchmark and outperforming other agentic systems.
- The paper demonstrates that grounding LLM patch synthesis in structured program facts and dual-view knowledge significantly boosts repair accuracy and cross-language applicability.
Knowledge-Enhanced Agentic Vulnerability Repair: Methodology, Evaluation, and Implications
Problem Motivation and Limitations of Prior Work
Automated Vulnerability Repair (AVR) is a critical challenge as the volume of software vulnerabilities continuously outpaces available human resources for remediation. While modern LLMs have improved capabilities in vulnerability discovery, their application to practical AVR is still limited. Most current approaches exhibit two fundamental deficiencies: unreliable root cause analysis and inadequate leveraging of historical vulnerability knowledge in patch generation.
Existing approaches typically depend on either dynamic or static localization, which frequently fails to robustly identify the true source of vulnerabilities. Dynamic methods, e.g., those utilizing concolic execution, suffer from scalability and precision deficits, as demonstrated by high false positive rates in real scenarios (Figure 1). Static, agentic paradigms, where LLMs independently reason and generate fixes from sanitizer reports and retrieved project context, are themselves limited by hallucinations and an over-reliance on available sanitizer coverage.
Figure 1: An illustrative example diagnosing CVE-2017-6828, showing failure cases of localization and misapplied patch exemplars in prior agentic AVR methods.
Compounding these issues is the insufficient exploitation of structural vulnerability knowledge. Naive retrieval methods select exemplars based on superficial similarity, often leading to logically disjoint repair patterns that degrade patch quality. While recent approaches such as retrieval-augmented generation attempt to incorporate previous fixes as in-context exemplars, inadequate abstraction and selection strategies limit generalizability and repair correctness.
KeaRepair: Architecture and Key Mechanisms
KeaRepair introduces a knowledge-enhanced, agentic AVR architecture designed to systematically mitigate localization imprecision and ineffective knowledge utilization. The method consists of three core phases: (1) vulnerability knowledge base construction, (2) fact-grounded agentic diagnosis, and (3) dual-view retrieval-augmented patch generation.
Figure 2: Overview of the KeaRepair AVR pipeline, detailing knowledge base construction, tool-augmented diagnosis, and retrieval-augmented patch synthesis and validation.
Knowledge Base Construction
KeaRepair initiates from a large set of curated vulnerability-patch pairs, extracting dual-view vulnerability knowledge: data-flow and control-flow perspectives. For each view, it distills structured knowledge items associated with root causes, vulnerable behaviors (e.g., taint flow, sensitive API usage, control conditions), and fixing strategies. The system applies hierarchical reasoning through LLM prompting to abstract these elements, subsequently embedding and indexing them into specialized vector stores. This dual-view decomposition aims to ensure that retrieval for downstream patch generation strictly considers both code semantics and execution-relevant logic, rather than surface-level token overlap.
Fact-Grounded Agentic Vulnerability Diagnosis
Rather than naively prompt LLMs for root cause synthesis, KeaRepair employs a tool-augmented ReAct agent that iteratively collects verified program facts using specialized static analysis tools. The agent can trace taint flows (trace_data_flow), analyze path reachability (is_path_reachable), and inspect API usage in the context of the subject program. These observations are incrementally accumulated to build a faithful and structured diagnostic report, which subsequently grounds both retrieval and patch generation phases, thus minimizing LLM-driven hallucination.
Dual-View Retrieval-Augmented Patch Generation
Armed with a fact-grounded diagnostic report, KeaRepair synthesizes view-specific semantic queries and retrieves relevant historical exemplars from each knowledge base. A two-stage, hybrid similarity ranking fuses code- and behavior-level signals, employing both embedding-based methods (e.g., CodeLlama) and statistical metrics (e.g., BM25) for candidate selection. The final prompt to the repair agent includes the diagnostic findings plus the top-ranked exemplars and their associated structured knowledge, which guides iterative patch synthesis. The method closes the loop using automated build, PoC, and regression test validation, returning failures to the agent for iterative refinement until a valid patch is generated.
Experimental Results and Comparative Analysis
KeaRepair demonstrates strong empirical superiority on the Vul4C benchmark, encompassing 55 diverse C/C++ vulnerabilities. The architecture, when paired with Gemini-3.1-Pro, achieves a repair rate of 83.64%, outperforming standalone LLMs and prior state-of-the-art agentic systems such as PatchAgent and APPatch by significant margins. Notably, KeaRepair fixes nine CVEs not addressed by PatchAgent and twenty unique vulnerabilities outside APPatch’s success set.
Cost and efficiency analysis reveals that KeaRepair’s patching pipeline is highly practical, with Gemini-3.1-Pro achieving an average per-vulnerability patching cost of $0.30 and a mean completion time below 50 seconds. Ablation studies further highlight that the dual-view knowledge retrieval and feedback-based patch refinement are primary contributors to effectiveness. A single-turn, naive variant of KeaRepair results in up to 76.92% fewer successful repairs compared to the full iterative feedback configuration, underlining the necessity of interactive validation in LLM agentic AVR.
Additionally, Venn diagram overlap analysis (Figure 3) establishes that KeaRepair covers the largest set of unique vulnerabilities not fixed by other agentic or retrieval-augmented baselines, demonstrating that integration of fact-grounded reasoning with dual-view historical knowledge delivers increased robustness.

Figure 3: Comparative overlap among CVEs patched by KeaRepair and agentic AVR baselines, showcasing the significant unique repair coverage of KeaRepair.
Discussion: Failure Modes and Generalizability
Despite these advancements, failure cases predominantly stem from the imprecision of static analysis in real-world software (e.g., macro expansion in C/C++ and cross-file dependencies) and the inherent limitation of function-level knowledge abstraction when vulnerabilities demand multi-location or interprocedural fixes. All current agentic and LLM-based tools, including KeaRepair, struggle in such scenarios—a limitation attributable to the granularity of available patch exemplars.
The cross-language evaluation on the PatchEval benchmark (covering Go, JavaScript, Python) demonstrates that KeaRepair’s architecture generalizes effectively to multilingual AVR. Patch rates of up to 85.55% are observed with Qwen3.5-Plus, significantly increasing patch coverage (by up to 516.67%) over standalone LLM performance. While Gemini-3.1-Pro performs optimally on Vul4C, performance fluctuates cross-linguistically, indicating the necessity of empirical LLM selection per language and even per project domain.
Implications and Future Directions
The robust gains of KeaRepair emphasize the importance of architecturally integrating verifiable program analysis into agentic LLM pipelines for AVR. The findings reject the adequacy of both vanilla retrieval-based and purely agentic LLM approaches, providing evidence that structured, dual-view knowledge infusion and iterative validation are necessary for substantial improvements in real-world AVR.
Theoretically, this work points toward a hybridization of symbolic analysis and neural in-context learning—a direction likely to be foundational for future AI-driven software engineering agents. Practically, KeaRepair’s demonstrated efficiency, low cost, and cross-language adaptability position it as a blueprint for scalable, autonomous repair systems in diverse industrial settings.
Key avenues for future work involve enhancing the compositionality of fact extraction over multi-file and interprocedural defects, contamination-resilient benchmarking, and automatic assessment of potential patch regressions outside observable test or PoC coverage.
Conclusion
KeaRepair establishes a new state of the art in automated, agentic vulnerability repair by rooting LLM-driven patch generation in dual-view, program-fact-verified knowledge and structured iterative procedures. Its methodology yields superior patch correctness, efficiency, and generalizability across languages, while detailed studies show that each component—fact-grounding, dual-view knowledge, feedback iteration—provides essential contributions. This represents a significant step towards reliable autonomous AVR, and further highlights the importance of integrating structured knowledge, symbolic tools, and advanced LLM capabilities for practical software security automation.