Hugging Face's logo

CIRCL
/
vulnerability-severity-classification-roberta-base

Text Classification
Transformers
Safetensors
roberta
Generated from Trainer
text-embeddings-inference
Model card Files
xet
Community
cedricbonhomme commited on
Commit
d41ffa7
·
verified ·
1 Parent(s): fd903d6

End of training

Browse files
Files changed (1) hide show
  1. README.md +20 -56
README.md CHANGED
@@ -1,69 +1,37 @@
1
  ---
2
  library_name: transformers
3
- license: cc-by-4.0
4
  base_model: roberta-base
5
- metrics:
6
- - accuracy
7
  tags:
8
  - generated_from_trainer
9
- - text-classification
10
- - classification
11
- - nlp
12
- - vulnerability
13
  model-index:
14
  - name: vulnerability-severity-classification-roberta-base
15
  results: []
16
- datasets:
17
- - CIRCL/vulnerability-scores
18
  ---
19
 
 
 
20
 
21
- # VLAI: A RoBERTa-Based Model for Automated Vulnerability Severity Classification
22
-
23
- # Severity classification
24
-
25
- This model is a fine-tuned version of [roberta-base](https://huggingface.co/roberta-base) on the dataset [CIRCL/vulnerability-scores](https://huggingface.co/datasets/CIRCL/vulnerability-scores).
26
-
27
- The model was presented in the paper [VLAI: A RoBERTa-Based Model for Automated Vulnerability Severity Classification](https://huggingface.co/papers/2507.03607) [[arXiv](https://arxiv.org/abs/2507.03607)].
28
-
29
- **Abstract:** VLAI is a transformer-based model that predicts software vulnerability severity levels directly from text descriptions. Built on RoBERTa, VLAI is fine-tuned on over 600,000 real-world vulnerabilities and achieves over 82% accuracy in predicting severity categories, enabling faster and more consistent triage ahead of manual CVSS scoring. The model and dataset are open-source and integrated into the Vulnerability-Lookup service.
30
-
31
- You can read [this page](https://www.vulnerability-lookup.org/user-manual/ai/) for more information.
32
 
 
 
 
 
33
 
34
  ## Model description
35
 
36
- It is a classification model and is aimed to assist in classifying vulnerabilities by severity based on their descriptions.
37
-
38
- ## How to get started with the model
39
-
40
- ```python
41
- from transformers import AutoModelForSequenceClassification, AutoTokenizer
42
- import torch
43
-
44
- labels = ["low", "medium", "high", "critical"]
45
 
46
- model_name = "CIRCL/vulnerability-severity-classification-roberta-base"
47
- tokenizer = AutoTokenizer.from_pretrained(model_name)
48
- model = AutoModelForSequenceClassification.from_pretrained(model_name)
49
- model.eval()
50
 
51
- test_description = "SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries \
52
- that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system."
53
- inputs = tokenizer(test_description, return_tensors="pt", truncation=True, padding=True)
54
-
55
- # Run inference
56
- with torch.no_grad():
57
- outputs = model(**inputs)
58
- predictions = torch.nn.functional.softmax(outputs.logits, dim=-1)
59
-
60
- # Print results
61
- print("Predictions:", predictions)
62
- predicted_class = torch.argmax(predictions, dim=-1).item()
63
- print("Predicted severity:", labels[predicted_class])
64
- ```
65
 
 
66
 
 
67
 
68
  ## Training procedure
69
 
@@ -78,19 +46,15 @@ The following hyperparameters were used during training:
78
  - lr_scheduler_type: linear
79
  - num_epochs: 5
80
 
81
- It achieves the following results on the evaluation set:
82
- - Loss: 2.0147
83
- - Accuracy: 0.8189
84
-
85
  ### Training results
86
 
87
  | Training Loss | Epoch | Step | Validation Loss | Accuracy |
88
  |:-------------:|:-----:|:-----:|:---------------:|:--------:|
89
- | 2.9778 | 1.0 | 15387 | 2.5250 | 0.7408 |
90
- | 1.8687 | 2.0 | 30774 | 2.2716 | 0.7739 |
91
- | 2.1265 | 3.0 | 46161 | 2.1010 | 0.7921 |
92
- | 1.8736 | 4.0 | 61548 | 2.0113 | 0.8081 |
93
- | 1.5266 | 5.0 | 76935 | 2.0147 | 0.8189 |
94
 
95
 
96
  ### Framework versions
 
1
  ---
2
  library_name: transformers
3
+ license: mit
4
  base_model: roberta-base
 
 
5
  tags:
6
  - generated_from_trainer
7
+ metrics:
8
+ - accuracy
 
 
9
  model-index:
10
  - name: vulnerability-severity-classification-roberta-base
11
  results: []
 
 
12
  ---
13
 
14
+ <!-- This model card has been generated automatically according to the information the Trainer had access to. You
15
+ should probably proofread and complete it, then remove this comment. -->
16
 
17
+ # vulnerability-severity-classification-roberta-base
 
 
 
 
 
 
 
 
 
 
18
 
19
+ This model is a fine-tuned version of [roberta-base](https://huggingface.co/roberta-base) on an unknown dataset.
20
+ It achieves the following results on the evaluation set:
21
+ - Loss: 2.0427
22
+ - Accuracy: 0.8158
23
 
24
  ## Model description
25
 
26
+ More information needed
 
 
 
 
 
 
 
 
27
 
28
+ ## Intended uses & limitations
 
 
 
29
 
30
+ More information needed
 
 
 
 
 
 
 
 
 
 
 
 
 
31
 
32
+ ## Training and evaluation data
33
 
34
+ More information needed
35
 
36
  ## Training procedure
37
 
 
46
  - lr_scheduler_type: linear
47
  - num_epochs: 5
48
 
 
 
 
 
49
  ### Training results
50
 
51
  | Training Loss | Epoch | Step | Validation Loss | Accuracy |
52
  |:-------------:|:-----:|:-----:|:---------------:|:--------:|
53
+ | 2.1213 | 1.0 | 15402 | 2.6039 | 0.7388 |
54
+ | 2.2319 | 2.0 | 30804 | 2.3167 | 0.7708 |
55
+ | 1.4640 | 3.0 | 46206 | 2.1776 | 0.7916 |
56
+ | 1.7505 | 4.0 | 61608 | 2.0488 | 0.8082 |
57
+ | 1.4337 | 5.0 | 77010 | 2.0427 | 0.8158 |
58
 
59
 
60
  ### Framework versions