![[2602.14345] AXE: An Agentic eXploit Engine for Confirming Zero-Day Vulnerability Reports](https://arxiv.org/static/browse/0.3.4/images/arxiv-logo-fb.png){kind=logo}
[2602.14345] AXE: An Agentic eXploit Engine for Confirming Zero-Day Vulnerability Reports
Summary
The paper presents AXE, an innovative framework for validating zero-day vulnerabilities using minimal metadata, achieving a significant improvement in exploitation success rates.
Why It Matters
As software vulnerabilities continue to pose security risks, AXE's approach addresses the challenge of false positives in vulnerability detection. By automating the exploitation process and providing actionable results, this framework enhances the efficiency of vulnerability management, making it crucial for developers and security professionals.
Key Takeaways
- AXE improves exploitation success rates by 30% compared to existing methods.
- The framework utilizes minimal metadata, enhancing efficiency in vulnerability assessment.
- AXE generates reproducible proof-of-concept artifacts for successful exploits.
- Error analysis identifies reasoning gaps that hinder exploit success.
- The framework's generalizability is validated through real-world case studies.
Computer Science > Cryptography and Security arXiv:2602.14345 (cs) [Submitted on 15 Feb 2026] Title:AXE: An Agentic eXploit Engine for Confirming Zero-Day Vulnerability Reports Authors:Amirali Sajadi, Tu Nguyen, Kostadin Damevski, Preetha Chatterjee View a PDF of the paper titled AXE: An Agentic eXploit Engine for Confirming Zero-Day Vulnerability Reports, by Amirali Sajadi and 3 other authors View PDF HTML (experimental) Abstract:Vulnerability detection tools are widely adopted in software projects, yet they often overwhelm maintainers with false positives and non-actionable reports. Automated exploitation systems can help validate these reports; however, existing approaches typically operate in isolation from detection pipelines, failing to leverage readily available metadata such as vulnerability type and source-code location. In this paper, we investigate how reported security vulnerabilities can be assessed in a realistic grey-box exploitation setting that leverages minimal vulnerability metadata, specifically a CWE classification and a vulnerable code location. We introduce Agentic eXploit Engine (AXE), a multi-agent framework for Web application exploitation that maps lightweight detection metadata to concrete exploits through decoupled planning, code exploration, and dynamic execution feedback. Evaluated on the CVE-Bench dataset, AXE achieves a 30% exploitation success rate, a 3x improvement over state-of-the-art black-box baselines. Even in a single-agent configur...