In Code Reviews, Security Risks Hide Behind Technical Language

Developers seldom label vulnerabilities outright in code reviews, but they frequently highlight underlying coding weaknesses. By using semantic similarity—especially word embeddings—security-related review comments can be identified more effectively than with keyword searches, enabling scalable and more accurate security analysis.