LLM Agent SLYP Discovers 39 Zero-Day Vulnerabilities in Commercial Binaries
Jul 17, 2026
Researchers introduced SLYP, a REACT-style pipeline leveraging LLM agents for end-to-end vulnerability discovery in commercial off-the-shelf (COTS) binaries. SLYP identified all 64 vulnerable entry functions in a 20-object COM benchmark and generated debugger-verified proof-of-concept crashes for 67.5% of cases, outperforming default production agents. To date, SLYP has uncovered 39 zero-day vulnerabilities, with 23 assigned CVEs and $203,000 in bounty awards.
Why it matters: This work demonstrates a significant advance in automated vulnerability discovery, showing that LLM agents can effectively analyze and reason about vulnerabilities in stripped, optimized machine code where source code is unavailable.
Full story at: arXiv Cryptography and Security ↗