{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,4]],"date-time":"2026-05-04T12:50:04Z","timestamp":1777899004927,"version":"3.51.4"},"reference-count":55,"publisher":"Elsevier BV","license":[{"start":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T00:00:00Z","timestamp":1780272000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"},{"start":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T00:00:00Z","timestamp":1780272000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/legal\/tdmrep-license"},{"start":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T00:00:00Z","timestamp":1780272000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-017"},{"start":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T00:00:00Z","timestamp":1780272000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"},{"start":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T00:00:00Z","timestamp":1780272000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-012"},{"start":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T00:00:00Z","timestamp":1780272000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T00:00:00Z","timestamp":1780272000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-004"}],"funder":[{"DOI":"10.13039\/501100001843","name":"Science and Engineering Research Board","doi-asserted-by":"publisher","award":["ANRF\/ECRG\/2024\/006514\/ENS"],"award-info":[{"award-number":["ANRF\/ECRG\/2024\/006514\/ENS"]}],"id":[{"id":"10.13039\/501100001843","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["elsevier.com","sciencedirect.com"],"crossmark-restriction":true},"short-container-title":["Journal of Information Security and Applications"],"published-print":{"date-parts":[[2026,6]]},"DOI":"10.1016\/j.jisa.2026.104420","type":"journal-article","created":{"date-parts":[[2026,2,27]],"date-time":"2026-02-27T11:05:41Z","timestamp":1772190341000},"page":"104420","update-policy":"https:\/\/doi.org\/10.1016\/elsevier_cm_policy","source":"Crossref","is-referenced-by-count":0,"special_numbering":"C","title":["Vuln2Action: An LLM-based framework for generating vulnerability reproduction steps and mapping exploits"],"prefix":"10.1016","volume":"99","author":[{"ORCID":"https:\/\/orcid.org\/0009-0008-0403-5960","authenticated-orcid":false,"given":"Shalini","family":"Kumari","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0002-0920-6016","authenticated-orcid":false,"given":"Geeta","family":"Yadav","sequence":"additional","affiliation":[]}],"member":"78","reference":[{"key":"10.1016\/j.jisa.2026.104420_bib0001","unstructured":"CVEdetails.com. Browse vulnerabilities by date. 2025. Accessed: 2025-09-11; https:\/\/www.cvedetails.com\/browse-by-date.php."},{"key":"10.1016\/j.jisa.2026.104420_bib0002","unstructured":"buisness V.. 2025 data breach investigations report. 2025. Accessed: 2026-01-01; https:\/\/www.verizon.com\/business\/resources\/Tea\/reports\/2025-dbir-data-breach-investigations-report.pdf."},{"issue":"16","key":"10.1016\/j.jisa.2026.104420_bib0003","doi-asserted-by":"crossref","first-page":"7273","DOI":"10.3390\/s23167273","article-title":"A systematic literature review on cyber threat intelligence for organizational cybersecurity resilience","volume":"23","author":"Saeed","year":"2023","journal-title":"Sensors"},{"key":"10.1016\/j.jisa.2026.104420_bib0004","unstructured":"Penetration Testing Execution Standard (PTES). PTES technical guidelines. 2014. Accessed: 2026-01-01; http:\/\/www.pentest-standard.org\/index.php\/PTES_Technical_Guidelines."},{"key":"10.1016\/j.jisa.2026.104420_bib0005","series-title":"2021\u202fIEEE 37Th international conference on data engineering","first-page":"193","article-title":"Enabling efficient cyber threat hunting with cyber threat intelligence","author":"Gao","year":"2021"},{"key":"10.1016\/j.jisa.2026.104420_bib0006","first-page":"633","article-title":"IoT-PEN: An E2E penetration testing framework for IoT","volume":"28","author":"Yadav","year":"2020","journal-title":"J Inf Process"},{"key":"10.1016\/j.jisa.2026.104420_bib0007","unstructured":"Offensive Security. Exploit database statistics. https:\/\/www.exploit-db.com\/exploit-database-statistics; 2025. Accessed: 2025-08-11."},{"key":"10.1016\/j.jisa.2026.104420_bib0008","series-title":"33Rd USENIX security symposium (USENIX security 24)","isbn-type":"print","first-page":"847","article-title":"PentestGPT: evaluating and harnessing large language models for automated penetration testing","author":"Deng","year":"2024","ISBN":"https:\/\/id.crossref.org\/isbn\/9781939133441"},{"key":"10.1016\/j.jisa.2026.104420_bib0009","series-title":"2015\u202fIEEE 22Nd international conference on software analysis, evolution, and reengineering","first-page":"101","article-title":"JCHARMING: A bug reproduction approach using crash traces and directed model checking","author":"Nayrolles","year":"2015"},{"key":"10.1016\/j.jisa.2026.104420_bib0010","series-title":"Proceedings of the 2019 27th ACM joint meeting on european software engineering conference and symposium on the foundations of software engineering","first-page":"86","article-title":"Assessing the quality of the steps to reproduce in bug reports","author":"Chaparro","year":"2019"},{"issue":"3","key":"10.1016\/j.jisa.2026.104420_bib0011","doi-asserted-by":"crossref","first-page":"1246","DOI":"10.1109\/TSE.2022.3174028","article-title":"Enhancing mobile app bug reporting via real-time understanding of reproduction steps","volume":"49","author":"Fazzini","year":"2022","journal-title":"IEEE Trans Software Eng"},{"key":"10.1016\/j.jisa.2026.104420_bib0012","series-title":"2023\u202fIEEE\/ACM 45Th international conference on software engineering","first-page":"2312","article-title":"Large language models are few-shot testers: exploring LLM-based general bug reproduction","author":"Kang","year":"2023"},{"issue":"10","key":"10.1016\/j.jisa.2026.104420_bib0013","doi-asserted-by":"crossref","first-page":"2677","DOI":"10.1109\/TSE.2024.3450837","article-title":"Evaluating diverse large language models for automatic and general bug reproduction","volume":"50","author":"Kang","year":"2024","journal-title":"IEEE Trans Software Eng"},{"key":"10.1016\/j.jisa.2026.104420_bib0014","doi-asserted-by":"crossref","DOI":"10.1016\/j.infsof.2023.107338","article-title":"A systematic mapping study of bug reproduction and localization","volume":"165","author":"Wang","year":"2024","journal-title":"Inf Softw Technol"},{"key":"10.1016\/j.jisa.2026.104420_bib0015","unstructured":"NIST. National vulnerability database. 2025. Accessed: 2026-01-01; https:\/\/nvd.nist.gov\/vuln\/search#\/nvd\/home?resultType=records."},{"key":"10.1016\/j.jisa.2026.104420_bib0016","doi-asserted-by":"crossref","DOI":"10.1016\/j.eswa.2025.130219","article-title":"Autonomous penetration testing using reinforcement learning: a review and perspectives","volume":"300","author":"Liu","year":"2026","journal-title":"Expert Syst Appl"},{"key":"10.1016\/j.jisa.2026.104420_bib0017","series-title":"Adjunct proceedings of the 33rd ACM conference on user modeling, adaptation and personalization","isbn-type":"print","doi-asserted-by":"crossref","first-page":"404","DOI":"10.1145\/3708319.3733804","article-title":"Towards automated penetration testing: introducing LLM benchmark, analysis, and improvements","author":"Isozaki","year":"2025","ISBN":"https:\/\/id.crossref.org\/isbn\/9798400713996"},{"key":"10.1016\/j.jisa.2026.104420_bib0018","series-title":"Proceedings of the 38th international conference on neural information processing systems","isbn-type":"print","article-title":"CTIBench: A benchmark for evaluating llms in cyber threat intelligence","author":"Alam","year":"2025","ISBN":"https:\/\/id.crossref.org\/isbn\/9798331314385"},{"key":"10.1016\/j.jisa.2026.104420_bib0019","unstructured":"Database N.N.V.. CVE-2021-3156 Detail. 2021. Accessed: 2026-01-01; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-3156."},{"key":"10.1016\/j.jisa.2026.104420_bib0020","unstructured":"Database N.N.V.. CVE-2022-22965 Detail. 2022. Accessed: 2026-01-01; https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2022-22965."},{"key":"10.1016\/j.jisa.2026.104420_bib0021","series-title":"Proceedings of the 31st ACM joint european software engineering conference and symposium on the foundations of software engineering","isbn-type":"print","doi-asserted-by":"crossref","first-page":"2082","DOI":"10.1145\/3611643.3613083","article-title":"Getting pwn\u2019d by AI: penetration testing with large language models","author":"Happe","year":"2023","ISBN":"https:\/\/id.crossref.org\/isbn\/9798400703270"},{"key":"10.1016\/j.jisa.2026.104420_bib0022","series-title":"2023 International conference on human-Centered cognitive systems","first-page":"1","article-title":"LLM-Based vulnerability detection","author":"Li","year":"2023"},{"issue":"5","key":"10.1016\/j.jisa.2026.104420_bib0023","doi-asserted-by":"crossref","DOI":"10.1145\/3769082","article-title":"LLMs In software security: a survey of vulnerability detection techniques and insights","volume":"58","author":"Sheng","year":"2025","journal-title":"ACM Comput Surv"},{"key":"10.1016\/j.jisa.2026.104420_bib0024","doi-asserted-by":"crossref","DOI":"10.1016\/j.engappai.2024.109291","article-title":"Enhanced automated code vulnerability repair using large language models","volume":"138","author":"de Fitero-Dominguez","year":"2024","journal-title":"Eng Appl Artif Intell"},{"key":"10.1016\/j.jisa.2026.104420_bib0025","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/s10207-024-00835-x","article-title":"Generative AI for pentesting: the good, the bad, the ugly","volume":"23","author":"Hilario","year":"2024","journal-title":"Int J Inf Secur"},{"key":"10.1016\/j.jisa.2026.104420_bib0026","unstructured":"Corporation M.. Common vulnerabilities and exposures. 2025a. Accessed: 2025-08-10; https:\/\/www.cve.org\/Downloads."},{"key":"10.1016\/j.jisa.2026.104420_bib0027","unstructured":"Corporation M.. Common weakness enumeration. 2025b. Accessed: 2025-08-10; https:\/\/cwe.mitre.org\/data\/definitions\/1000.HTML."},{"key":"10.1016\/j.jisa.2026.104420_bib0028","unstructured":"Corporation M.. Common attack pattern enumeration and classification. 2025c. Accessed: 2025-08-10; https:\/\/capec.mitre.org\/data\/downloads.HTML."},{"key":"10.1016\/j.jisa.2026.104420_bib0029","doi-asserted-by":"crossref","unstructured":"Xu H., Wang S., Li N., Wang K., Zhao Y., Chen K., et al. Large language models for cyber security: a systematic literature review2024;https:\/\/arxiv.org\/abs\/2405.04760.","DOI":"10.1145\/3769676"},{"key":"10.1016\/j.jisa.2026.104420_bib0030","unstructured":"Security O.. Exploit database. 2025. Accessed: 2025-08-10; https:\/\/www.exploit-db.com\/."},{"key":"10.1016\/j.jisa.2026.104420_bib0031","unstructured":"Rapid7. Metasploit. https:\/\/www.metasploit.com\/; 2024. Accessed: 2026-01-01."},{"key":"10.1016\/j.jisa.2026.104420_bib0032","unstructured":"OpenAI. Gpt-4 technical report2023;Accessed: 2026-01-01; https:\/\/cdn.openai.com\/papers\/gpt-4.pdf."},{"key":"10.1016\/j.jisa.2026.104420_bib0033","series-title":"Proceedings of the 2019 conference of the north american chapter of the association for computational linguistics","first-page":"4171","article-title":"Bert: pre-training of deep bidirectional transformers for language understanding","author":"Devlin","year":"2019"},{"issue":"1","key":"10.1016\/j.jisa.2026.104420_bib0034","article-title":"Exploring the limits of transfer learning with a unified text-to-text transformer","volume":"21","author":"Raffel","year":"2020","journal-title":"J Mach Learn Res"},{"key":"10.1016\/j.jisa.2026.104420_bib0035","unstructured":"Nong Y., Yang H., Cheng L., Hu H., Cai H.. APPATCH: Automated adaptive prompting large language models for real-world software vulnerability patching. 2025. https:\/\/arxiv.org\/abs\/2408.13597."},{"issue":"8","key":"10.1016\/j.jisa.2026.104420_bib0036","doi-asserted-by":"crossref","DOI":"10.3390\/info12080298","article-title":"Tracing CVE vulnerability information to CAPEC attack patterns using natural language processing techniques","volume":"12(8)","author":"Kanakogi","year":"2021","journal-title":"Information"},{"key":"10.1016\/j.jisa.2026.104420_bib0037","unstructured":"Byun T.J., Aschermann C., Thng K.Y., Zhou W., Yang Y., Deason L., et al. Introducing AutoPatchBench: A benchmark for AI-powered security fixes. 2025. Accessed: 2025-05-27; https:\/\/engineering.fb.com\/2025\/04\/29\/ai-research\/autopatchbench-benchmark-ai-powered-security-fixes\/."},{"issue":"8","key":"10.1016\/j.jisa.2026.104420_bib0038","doi-asserted-by":"crossref","DOI":"10.1145\/3671005","article-title":"A compact vulnerability knowledge graph for risk assessment","volume":"18","author":"Yin","year":"2024","journal-title":"ACM Trans Knowl Discov Data"},{"key":"10.1016\/j.jisa.2026.104420_bib0039","series-title":"2022\u202fIEEE International conference on big data","first-page":"3043","article-title":"Threat miner - a text analysis engine for threat identification using dark web data","author":"Deguara","year":"2022"},{"key":"10.1016\/j.jisa.2026.104420_bib0040","series-title":"2022 International joint conference on neural networks","first-page":"1","article-title":"VulBERTa: simplified source code pre-training for vulnerability detection","author":"Hanif","year":"2022"},{"key":"10.1016\/j.jisa.2026.104420_bib0041","unstructured":"Mittal S., Joshi A., Finin T.. Cyber-All-Intel: an AI for security related threat intelligence2019;https:\/\/arxiv.org\/abs\/1905.02895."},{"key":"10.1016\/j.jisa.2026.104420_bib0042","unstructured":"VulDB Contributors. VulDB - the vulnerability database. 2025. Accessed: 2025-05-20; https:\/\/vuldb.com."},{"issue":"1","key":"10.1016\/j.jisa.2026.104420_bib0043","article-title":"Exploring the limits of transfer learning with a unified text-to-text transformer","volume":"21","author":"Raffel","year":"2020","journal-title":"J Mach Learn Res"},{"issue":"5","key":"10.1016\/j.jisa.2026.104420_bib0044","doi-asserted-by":"crossref","first-page":"513","DOI":"10.1016\/0306-4573(88)90021-0","article-title":"Term-weighting approaches in automatic text retrieval","volume":"24","author":"Salton","year":"1988","journal-title":"Inf Process Manag"},{"key":"10.1016\/j.jisa.2026.104420_bib0045","unstructured":"Mikolov T., Chen K., Corrado G., Dean J.. Efficient estimation of word representations in vector space2013;https:\/\/arxiv.org\/abs\/1301.3781."},{"issue":"11","key":"10.1016\/j.jisa.2026.104420_bib0046","doi-asserted-by":"crossref","first-page":"613","DOI":"10.1145\/361219.361220","article-title":"A vector space model for automatic indexing","volume":"18","author":"Salton","year":"1975","journal-title":"Commun ACM"},{"key":"10.1016\/j.jisa.2026.104420_bib0047","series-title":"2019 Artificial intelligence for transforming business and society","first-page":"1","article-title":"A comparison of semantic similarity methods for maximum human interpretability","volume":"vol. 1","author":"Sitikhu","year":"2019"},{"key":"10.1016\/j.jisa.2026.104420_bib0048","series-title":"Proceedings of the 2019 conference on empirical methods in natural language processing and the 9th international joint conference on natural language processing","first-page":"3982","article-title":"Sentence-BERT: sentence embeddings using siamese BERT-networks","author":"Reimers","year":"2019"},{"key":"10.1016\/j.jisa.2026.104420_bib0049","series-title":"Proceedings of the 40th annual meeting of the association for computational linguistics","first-page":"311","article-title":"Bleu: a method for automatic evaluation of machine translation","author":"Papineni","year":"2002"},{"key":"10.1016\/j.jisa.2026.104420_bib0050","series-title":"Text summarization branches out","first-page":"74","article-title":"ROUGE: A package for automatic evaluation of summaries","author":"Lin","year":"2004"},{"key":"10.1016\/j.jisa.2026.104420_bib0051","unstructured":"Shaaban O.. The role and impact of large language models in cybersecurity: A case study on the russian-ukrainian conflict. 2023. 10.13140\/RG.2.2.11625.67684."},{"key":"10.1016\/j.jisa.2026.104420_bib0052","series-title":"Text summarization branches out","first-page":"74","article-title":"ROUGE: A package for automatic evaluation of summaries","author":"Lin","year":"2004"},{"key":"10.1016\/j.jisa.2026.104420_bib0053","series-title":"2024 Annual computer security applications conference","first-page":"15","article-title":"Secure: benchmarking large language models for cybersecurity","author":"Bhusal","year":"2024"},{"key":"10.1016\/j.jisa.2026.104420_bib0054","series-title":"2024\u202fIEEE European symposium on security and privacy workshops","first-page":"100","article-title":"Actionable cyber threat intelligence using knowledge graphs and large language models","author":"Fieblinger","year":"2024"},{"key":"10.1016\/j.jisa.2026.104420_bib0055","unstructured":"Galeax. CVE2CAPEC: Generate mitre ATT&CK and D3FEND from a list of cves. https:\/\/github.com\/Galeax\/CVE2CAPEC; 2025."}],"container-title":["Journal of Information Security and Applications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S2214212626000505?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S2214212626000505?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2026,5,1]],"date-time":"2026-05-01T09:47:29Z","timestamp":1777628849000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S2214212626000505"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,6]]},"references-count":55,"alternative-id":["S2214212626000505"],"URL":"https:\/\/doi.org\/10.1016\/j.jisa.2026.104420","relation":{},"ISSN":["2214-2126"],"issn-type":[{"value":"2214-2126","type":"print"}],"subject":[],"published":{"date-parts":[[2026,6]]},"assertion":[{"value":"Elsevier","name":"publisher","label":"This article is maintained by"},{"value":"Vuln2Action: An LLM-based framework for generating vulnerability reproduction steps and mapping exploits","name":"articletitle","label":"Article Title"},{"value":"Journal of Information Security and Applications","name":"journaltitle","label":"Journal Title"},{"value":"https:\/\/doi.org\/10.1016\/j.jisa.2026.104420","name":"articlelink","label":"CrossRef DOI link to publisher maintained version"},{"value":"article","name":"content_type","label":"Content Type"},{"value":"\u00a9 2026 Elsevier Ltd. All rights are reserved, including those for text and data mining, AI training, and similar technologies.","name":"copyright","label":"Copyright"}],"article-number":"104420"}}