WINGFUZZ for CODE supports grey-box security testing of application, code module and basic library, automatically discovering critical weakness and unknown vulnerabilities.


Zero-day Mining
Discover zero-days ahead of attacker with stronger mining ability. Up to 50% higher coverage comparing to mainstream tools.
No False-positives
All the reported bugs have been verified automatically, with reproducable test case. Help lower the manual effort in test stage.
DevSecOps Native
Seamlessly integrated into DevSecOps workflow with CLI and API support, secure you application in earlier phase.


Our innovative algorithm and system design brings in leading testing performance. The code coverage is 20% to 50% higher with 3 to 10 times speedup comparing to mainstream tools, help to discover more deeper bugs.

Higher Coverage

WINGFUZZ for Code covers more code branches in various targets than classic tool.

Better Performance

WINGFUZZ for Code has better coverage growth results comparing to different tools.


WINGFUZZ for Code is helping the community on open source application security.

Application Defect Type Detail
Safari (webkit) heap-use-after-free CVE-2022-30294
Safari (webkit) heap-buffer-overflow CVE-2022-30293
freetype2 SIGSEGV CVE-2022-27406
freetype2 SIGSEGV CVE-2022-27405
freetype2 heap-buffer-overflow CVE-2022-27404
Safari (webkit) heap-use-after-free CVE-2022-26710
Safari (webkit) heap-use-after-free CVE-2022-26709
webkitgtk heap-use-after-free CVE-2021-45483
webkitgtk heap-use-after-free CVE-2021-45482
webkitgtk incorrect memory allocation CVE-2021-45481
Crypto++ time leak CVE-2021-43398
libressl stack-buffer-overflow CVE-2021-41581
safari heap-use-after-free CVE-2021-30936
safari heap-buffer-overflow CVE-2021-30889
LuPng heap-buffer-overflow CVE-2018-18582
LuPng heap-buffer-overflow CVE-2018-18581
simdcomp heap-buffer-overflow CVE-2018-17427
xar SEGV CVE-2018-17094
xar NULL pointer dereference CVE-2018-17093
pdf2json alloc_dealloc_mismatch CVE-2018-14946
pbc SEGV CVE-2018-14743
pbc SEGV CVE-2018-14742
pbc SECV CVE-2018-14741
pbc SEGV CVE-2018-14740
pbc SEGV CVE-2018-14739
pbc SEGV CVE-2018-14738
pbc SEGV CVE-2018-14737
pbc buffer overflow CVE-2018-14736
Bento4 SEGV CVE-2018-14590
Bento4 heap-buffer-overflow CVE-2018-14589
Bento4 SEGV CVE-2018-14588
Bento4 SEGV CVE-2018-14586
Bento4 buffer overflow CVE-2018-14585
Bento4 buffer overflow CVE-2018-14584
THULAC heap-buffer-overflow CVE-2018-14565
THULAC SEGV CVE-2018-14564
THULAC SEGV CVE-2018-14562
Bento4 buffer overflow CVE-2018-14532
Bento4 buffer overflow CVE-2018-14531
aubio SEGV signal CVE-2018-14522
aubio SEGV signal CVE-2018-14521
libsixel memory leak CVE-2018-14072
libwav SEGV CVE-2018-14052
libwav SEGV CVE-2018-14050
libwav SEGV CVE-2018-14049
libpng SEGV CVE-2018-14048
genann SEGV CVE-2018-13997
Bento4 SEGV CVE-2018-13848
Bento4 SEGV CVE-2018-13847
Bento4 buffer overread CVE-2018-13846
htslib buffer overflow CVE-2018-13845
Jpeg-compressor stack-buffer-overflow CVE-2018-13030
tinyexr segmentation fault CVE-2018-12688
tinyexr assert failure CVE-2018-12504
tinyexr heap-buffer-overflow CVE-2018-12503
tinyexr memory leak CVE-2018-12093
tinyexr heap-buffer-overflow CVE-2018-12064
md4c heap-buffer-overflow CVE-2018-11546
md4c heap-buffer-overflow CVE-2018-11545
md4c heap-buffer-overflow CVE-2018-11536
discount heap-buffer-overflow CVE-2018-11503
discount heap-buffer-overflow CVE-2018-11468
ReadStat memory leak CVE-2018-11364
libjpeg segmentation fault CVE-2018-11214
libjpeg segmentation fault CVE-2018-11213
cstring memory leak CVE-2018-11097
mxml heap-use-after-free CVE-2018-20005
mxml stack-buffer-overflow CVE-2018-20004
mxml detected memory leaks CVE-2018-19764
LuPng heap-buffer-overflow CVE-2018-18583
simdcomp heap-buffer-overflow CVE-2018-17854
pdfalto heap-buffer-overflow CVE-2018-17338
xar heap-buffer-overflow CVE-2018-17095
bitmap NULL pointer dereference CVE-2018-17073
json buffer-over-read CVE-2018-17072
doc2txt heap-buffer-overflow CVE-2018-17043
dbf2txt infinite loop CVE-2018-17042
imageworsener buffer overflow CVE-2018-16782
ffjpeg FPE signal CVE-2018-16781
sound alloc-dealloc-mismatch CVE-2018-14948
pdf2json alloc-dealloc-mismatch CVE-2018-14947
jpeg\_encoder heap-buffer-overflow CVE-2018-14945
jpeg\_encoder SEGV CVE-2018-14944
pbc use-after-free CVE-2018-14744
Bento4 buffer overflow CVE-2018-14587
THULAC alloc_dealloc_mismatch CVE-2018-14563
libpng Stack buffer overflow CVE-2018-14550
libwav SEGV CVE-2018-14549
aubio global-buffer-overflow CVE-2018-14523
libsixel memory leak CVE-2018-14073
libwav infinite loop CVE-2018-14051
pngwriter SEGV CVE-2018-14047
genann stack-buffer-overflow CVE-2018-13996
htslib memory leak CVE-2018-13844
cmft stack-buffer-overflow CVE-2018-13833
gravity endless loop CVE-2018-13795
cat-image buffer overflow CVE-2018-13794
fast-cpp-csv-parser buffer overflow CVE-2018-13421
gperftools buffer overflow CVE-2018-13420
libsndfile memory leak CVE-2018-13419
jpeg-compressor heap-buffer-overflow CVE-2018-13037
pbc buffer overflow CVE-2018-12917
pbc global-buffer-overflow CVE-2018-12915
tinyexr assert failure CVE-2018-12687
discount heap-buffer-overflow CVE-2018-12495
FLIF heap-buffer-overflow CVE-2018-12109
lepton SIGFPE CVE-2018-12108
tinyexr heap-buffer-overflow CVE-2018-12092
libjpeg large loop CVE-2018-11813
md4c heap-buffer-overflow CVE-2018-11547
discount heap-buffer-overflow CVE-2018-11504
ReadStat infinite loop CVE-2018-11365
PDFGen heap-buffer-overflow CVE-2018-11363
libjpeg divide-by-zero error CVE-2018-11212
chia bls-signature invalid key pairs generated CNVD-2021-100406
Crypto++ invalid key pairs generated CNVD-2021-95295
WolfCrypt denial-of-service CNVD-2021-95292
mbed TLS denial-of-service CNVD-2021-90584
Crypto++ time leak CNVD-2021-89217
sjcl illegal iv value allowed CNVD-2021-88113
SymCrypt signed integer overflow CNVD-2021-86860
OpenSSL incorrect access control CNVD-2021-86854




Build better application today.