---
license: cc-by-4.0
language:
  - en
library_name: transformers
pipeline_tag: text-classification
tags:
  - cybersecurity
  - vulnerability
  - cwe
  - cve
  - nvd
  - roberta
base_model: FacebookAI/roberta-base
datasets:
  - xamxte/cve-to-cwe
metrics:
  - accuracy
  - f1
model-index:
  - name: cwe-classifier-roberta-base
    results:
      - task:
          type: text-classification
          name: CWE Classification
        dataset:
          name: cve-to-cwe (test split)
          type: xamxte/cve-to-cwe
          split: test
        metrics:
          - name: Top-1 Accuracy
            type: accuracy
            value: 0.8744
          - name: Top-3 Accuracy
            type: accuracy
            value: 0.9467
          - name: Macro F1
            type: f1
            value: 0.6071
      - task:
          type: text-classification
          name: CWE Classification (CTI-Bench)
        dataset:
          name: CTI-Bench cti-rcm
          type: xashru/cti-bench
        metrics:
          - name: Strict Top-1
            type: accuracy
            value: 0.756
          - name: Hierarchy-aware Top-1
            type: accuracy
            value: 0.865
---

# CWE Classifier (RoBERTa-base)

A fine-tuned RoBERTa-base model that maps CVE (Common Vulnerabilities and Exposures) descriptions to CWE (Common Weakness Enumeration) categories. 125M parameters, 205 CWE classes.

## Performance

### Internal Test Set (27,780 agreement-filtered samples)

| Metric | Score |
|--------|-------|
| Top-1 Accuracy | **87.4%** |
| Top-3 Accuracy | **94.7%** |
| Macro F1 | **0.607** |
| Weighted F1 | 0.872 |

### CTI-Bench External Benchmark (NeurIPS 2024, zero training overlap)

| Benchmark | Strict Top-1 | Hierarchy-aware Top-1 |
|-----------|--------------|-----------------------|
| cti-rcm (2023-2024 CVEs) | 75.6% | **86.5%** |
| cti-rcm-2021 (2011-2021 CVEs) | 71.8% | **82.8%** |

### Comparison on CTI-Bench cti-rcm (strict exact match)

All scores below use the official CTI-Bench evaluation protocol: strict exact CWE ID match.

| Model | Params | Type | Top-1 Accuracy | Source |
|-------|--------|------|---------------|--------|
| [Sec-Gemini v1](https://security.googleblog.com/2025/04/google-launches-sec-gemini-v1-new.html) (Google)* | — | closed | ~86% | Google Security Blog |
| [SecLM](https://security.googlecloudcommunity.com/community-blog-42/fueling-ai-innovation-in-secops-products-the-seclm-platform-and-sec-gemini-research-pipeline-3997) (Google)* | — | closed | ~85% | Google Cloud Blog |
| **This model** | **125M** | **open** | **75.6%** | — |
| [Foundation-Sec-8B-Reasoning](https://arxiv.org/abs/2601.21051) (Cisco) | 8B | open | 75.3% | arXiv 2601.21051 |
| [GPT-4](https://arxiv.org/abs/2406.07599) | ~1.7T | closed | 72.0% | CTI-Bench paper |
| [Foundation-Sec-8B](https://arxiv.org/abs/2504.21039) (Cisco) | 8B | open | 72.0% (±1.7%) | arXiv 2504.21039 |
| [WhiteRabbitNeo-V2-70B](https://arxiv.org/abs/2504.21039) | 70B | open | 71.1% | arXiv 2504.21039 |
| [Foundation-Sec-8B-Instruct](https://arxiv.org/abs/2601.21051) (Cisco) | 8B | open | 70.4% | arXiv 2601.21051 |
| [Llama-Primus](https://huggingface.co/trend-cybertron/Llama-Primus-Base) (Trend Micro) | 8B | open | 67.8% | HuggingFace |
| [GPT-3.5](https://arxiv.org/abs/2406.07599) | ~175B | closed | 67.2% | CTI-Bench paper |
| [Gemini 1.5](https://arxiv.org/abs/2406.07599) | — | closed | 66.6% | CTI-Bench paper |
| [LLaMA3-70B](https://arxiv.org/abs/2406.07599) | 70B | open | 65.9% | CTI-Bench paper |
| [LLaMA3-8B](https://arxiv.org/abs/2406.07599) | 8B | open | 44.7% | CTI-Bench paper |

*\*Sec-Gemini and SecLM scores are approximate, estimated from published comparison charts. Exact values were not reported.*

**Competitive with the best open-weight models** at 64x fewer parameters (125M vs 8B). Note: the 0.3pp difference vs Cisco Foundation-Sec-8B-Reasoning is not statistically significant (95% CIs overlap on n=1000). The Cisco models are general-purpose LLMs; ours is a task-specific encoder.

### TF-IDF baseline comparison

A TF-IDF + Logistic Regression baseline reaches 84.9% top-1 on the same test set, but only 45.2% Macro F1 vs our 60.7% — a **+15.5pp Macro F1 gap** showing the model's advantage on rare CWE classes that keyword matching cannot handle.

### Hierarchy-aware evaluation (supplementary)

This model predicts specific child CWEs (e.g., CWE-121 Stack Buffer Overflow) while CTI-Bench ground truth often uses generic parent CWEs (e.g., CWE-119 Buffer Overflow). When parent↔child equivalences are counted as correct:

| Benchmark | Strict Top-1 | Hierarchy-aware Top-1 |
|-----------|--------------|-----------------------|
| cti-rcm (2023-2024 CVEs) | 75.6% | 86.5% (+10.9pp) |
| cti-rcm-2021 (2011-2021 CVEs) | 71.8% | 82.8% (+11.0pp) |

*Note: Other models in the table above were evaluated with strict matching only. Hierarchy-aware scores are not directly comparable and are shown separately for transparency.*

## Usage

```python
from transformers import pipeline

classifier = pipeline("text-classification", model="xamxte/cwe-classifier-roberta-base", top_k=3)

result = classifier("A SQL injection vulnerability in the login page allows remote attackers to execute arbitrary SQL commands via the username parameter.")
print(result)
# [[{'label': 'CWE-89', 'score': 0.95}, {'label': 'CWE-564', 'score': 0.02}, ...]]
```

### Manual inference

```python
import json

import torch
from huggingface_hub import hf_hub_download
from transformers import AutoTokenizer, AutoModelForSequenceClassification

model_name = "xamxte/cwe-classifier-roberta-base"
tokenizer = AutoTokenizer.from_pretrained(model_name)
model = AutoModelForSequenceClassification.from_pretrained(model_name)

# Load the label map (CWE label -> class index) and invert it
label_map_path = hf_hub_download(repo_id=model_name, filename="cwe_label_map.json")
with open(label_map_path) as f:
    label_map = json.load(f)
id_to_label = {v: k for k, v in label_map.items()}

# Predict; max_length=384 matches the training setting
text = "CVE Description: A buffer overflow in the PNG parser allows remote code execution via crafted image files."
inputs = tokenizer(text, return_tensors="pt", max_length=384, truncation=True, padding=True)

with torch.no_grad():
    logits = model(**inputs).logits

# Top-3 classes by raw logit; these are not probabilities
# (apply torch.softmax(logits, dim=-1) first to get pipeline-style scores)
top3 = torch.topk(logits, 3)
for score, idx in zip(top3.values[0], top3.indices[0]):
    print(f"{id_to_label[idx.item()]}: {score.item():.3f}")
```

## Training

- **Base model:** FacebookAI/roberta-base (125M params)
- **Dataset:** [xamxte/cve-to-cwe](https://huggingface.co/datasets/xamxte/cve-to-cwe) — 234,770 training samples with Claude Sonnet 4.6 refined labels
- **Training method:** Two-phase fine-tuning
  - Phase 1: Freeze first 8/12 transformer layers, train classifier head (4 epochs, lr=1e-4)
  - Phase 2: Unfreeze all layers, full fine-tuning (9 epochs, lr=2e-5)
- **Key hyperparameters:** max_length=384, batch_size=32, label_smoothing=0.1, cosine scheduler, bf16
- **Hardware:** NVIDIA RTX 5080 (16GB), ~4 hours total
- **Framework:** HuggingFace Transformers + PyTorch

## Label Quality

Training labels were refined using Claude Sonnet 4.6 via the Anthropic Batch API (~$395 total cost). The test/validation sets contain only agreement-filtered samples where NVD and Sonnet labels agree (73.1% exact match; 84.5% with hierarchy-aware matching). This biases evaluation toward unambiguous cases — real-world accuracy on arbitrary NVD entries will be lower. See the [dataset card](https://huggingface.co/datasets/xamxte/cve-to-cwe) for details.

## CWE Hierarchy

This model predicts **specific (child) CWE categories** where possible. For example, buffer overflows are classified as CWE-121 (Stack) or CWE-122 (Heap) rather than the generic CWE-119. This provides more actionable information for vulnerability triage, but means strict accuracy on benchmarks using parent CWEs appears lower than actual performance.
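
The gap between strict and hierarchy-aware scores described here and under "Hierarchy-aware evaluation" can be reproduced with the added example below, which is not the model author's evaluation code. It assumes that any ancestor/descendant pair counts as equivalent; the `PARENT` map is a small hand-built excerpt of CWE ChildOf links, and the function names and sample pairs are constructed for illustration.

```python
# Added example: strict vs hierarchy-aware top-1 scoring.
# PARENT is a small hand-built excerpt of ChildOf links, not the full CWE tree.
PARENT = {
    "CWE-121": "CWE-787",
    "CWE-122": "CWE-787",
    "CWE-787": "CWE-119",
    "CWE-125": "CWE-119",
    "CWE-89": "CWE-943",
    "CWE-943": "CWE-74",
    "CWE-79": "CWE-74",
}


def ancestors(cwe, parent=PARENT):
    """Return every ancestor of `cwe`, following ChildOf links upward."""
    seen = []
    # The membership check stops the walk if the map ever contains a cycle.
    while cwe in parent and parent[cwe] not in seen:
        cwe = parent[cwe]
        seen.append(cwe)
    return seen


def related(pred, gold, parent=PARENT):
    """True if the labels are equal or one is an ancestor of the other."""
    return (pred == gold
            or gold in ancestors(pred, parent)
            or pred in ancestors(gold, parent))


def score(pairs, parent=PARENT):
    """Return (strict, hierarchy_aware) top-1 accuracy for (pred, gold) pairs."""
    if not pairs:
        raise ValueError("no predictions to score")
    strict = sum(p == g for p, g in pairs)
    relaxed = sum(related(p, g, parent) for p, g in pairs)
    return strict / len(pairs), relaxed / len(pairs)


# Constructed (prediction, ground truth) pairs, not benchmark data.
SAMPLE = [
    ("CWE-121", "CWE-119"),  # specific child vs generic parent: relaxed match only
    ("CWE-89", "CWE-89"),    # exact match
    ("CWE-79", "CWE-89"),    # siblings under CWE-74: wrong under both rules
    ("CWE-119", "CWE-122"),  # prediction is the broader class
    ("CWE-125", "CWE-125"),  # exact match
]

if __name__ == "__main__":
    strict, relaxed = score(SAMPLE)
    print(f"strict={strict:.2f} hierarchy-aware={relaxed:.2f}")
```

Sibling classes such as CWE-79 and CWE-89 stay incorrect under both rules, so the relaxed score only credits predictions that are more or less specific than the ground truth along the same branch.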

## Limitations

- **205 CWE classes only**: Covers the most common CWEs in NVD. Rare CWEs not in the training set will be mapped to the closest known class.
- **English only**: Trained on English CVE descriptions from NVD.
- **Description-based**: Uses only the text description, not CVSS scores, CPE, or other metadata.
- **Single-label**: Predicts one CWE per CVE, though some vulnerabilities may involve multiple weakness types.

## Paper

📄 **[Fine-tuning RoBERTa for CVE-to-CWE Classification: A 125M Parameter Model Competitive with LLMs](https://arxiv.org/abs/2603.14911)**

## Citation

```bibtex
@article{mosievskiy2026cwe,
  title={Fine-tuning RoBERTa for CVE-to-CWE Classification: A 125M Parameter Model Competitive with LLMs},
  author={Mosievskiy, Nikita},
  journal={arXiv preprint arXiv:2603.14911},
  year={2026},
  url={https://huggingface.co/xamxte/cwe-classifier-roberta-base}
}
```