EPS
← All batches·2605.15569

Detecting Privilege Escalation in Polyglot Microservices via Agentic Program Analysis

topic: current_projecttop score: 100released: 2026-05-18first surfaced: 2026-05-18arXivPDFlinked_to_results2026-05-18

Authors: Penghui Li, Hong Yau Chong, Yinzhi Cao et al.

arXiv · PDF

Summary

arXiv:2605. 15569v1 Announce Type: new Abstract: Microservices are widely adopted in modern cloud systems due to their scalability and fault tolerance.

Relevance

Read next because Detecting Privilege Escalation in Polyglot Microservices via Agentic Program Analysis overlaps with clean result "LoRA persona trained on alone emits at 23.5% when a co-trained partner learns ..., vs 0% control on Qwen2.5-7B-Instruct (MODERATE confidence)", clean result "Leakage rate is a usable signal for recovering trigger-shaped phrases on Gaperon-1125-1B without knowing the hidden trigger itself (MODERATE confidence)", clean result "Language-mismatch LoRA SFT on Qwen2.5-7B leaks the trained completion language into bystander directives the model was never trained on, absent under same-language SFT (LOW confidence)". Matching terms: code, class, eval, source, line, rate, compare, control. Source: arxiv cs.CR (Cryptography and Security).

Abstract

arXiv:2605.15569v1 Announce Type: new Abstract: Microservices are widely adopted in modern cloud systems due to their scalability and fault tolerance. However, microservice architectures introduce significant complexity in privilege and permission control, creating risks of privilege escalation where attackers can gain unauthorized access to resources or operations. Detecting such vulnerabilities is challenging due to complex cross-service interactions, polyglot codebases, and diverse privileged operations and permission checks. We present Neo, an agentic program analysis framework that combines large language models (LLMs) with classic program analysis to address these challenges. Neo leverages an LLM-based agent that dynamically generates analysis plans, adapts code search strategies, and validates semantics. We develop code search primitives that enable Neo to perform scalable and flexible code exploration across services and languages. We evaluated Neo on 25 open-source microservice applications spanning 7 programming languages and 6.2 million lines of code. Neo uncovered 24 zero-day privilege escalation vulnerabilities and achieved 81.0% precision and 85.0% recall on a ground-truth dataset. Compared to existing program analysis and agentic solutions, Neo demonstrated significant improvements in both detection accuracy and scalability. We further showcased Neo's extensibility by applying it to other application domains and vulnerability types, uncovering 18 additional zero-day vulnerabilities.