Background: Modern software uses many third-party libraries and frameworks as
dependencies. Known vulnerabilities in these dependencies are a potential security risk …

Modern code generation tools, utilizing AI models like Large Language Models (LLMs),
have gained popularity for producing functional code. However, their usage presents …

Continuous Integration (CI) significantly reduces integration problems, speeds up
development time, and shortens release time. However, it also introduces new challenges …

Java (de) serialization is prone to causing security-critical vulnerabilities that attackers can
invoke existing methods (gadgets) on the application's classpath to construct a gadget chain …

Constructing a static call graph requires trade-offs between soundness and precision.
Program analysis techniques for constructing call graphs are unfortunately usually …

Libraries play a significant role in software development as they provide reusable
functionality, which helps expedite the development process. As libraries evolve, they …

WebAssembly is a low-level bytecode format that powers applications and libraries running
in browsers, on the server side, and in standalone runtimes. Call graphs are at the core of …

The long-standing aspiration for software reuse has made astonishing strides in the past few
years. Many modern software development ecosystems now come with rich sets of publicly …

Python has emerged as one of the most popular programming languages, extensively
utilized in domains such as machine learning, data analysis, and web applications. Python's …

Call Graphs are a rich data source and form the foundation for advanced static analyses that
can, for example, detect security vulnerabilities or dead code. This information is invaluable …