Suyue Guo

Suyue Guo

University of California, Santa Barbara

Iā€™m a PhD student at UCSB SecLab, advised by Prof. Giovanni Vigna and Prof. Christopher Kruegel. My research mainly focuses on improving software quality through fuzzing. I have found 32 zero-day vulnerabilities (CVEs) in widely-used software including Adobe Acrobat Reader, Foxit PDF Reader, PDF-XChange Editor, and Vim, and have assisted developers in fixing them. Additionally, I participated in CTFs as a member of Shellphish.

šŸ”„ News

  • 2026.01: Ā šŸŽ‰šŸŽ‰ One paper is accepted by ICLR 2026!
  • 2022.12: Ā šŸŽ‰šŸŽ‰ One paper is accepted by ICSE 2023!

šŸ“– Educations

  • 2024.09 - now, Ph.D. in Computer Science, UC Santa Barbara.

šŸ“ Publications

ICLR 2026
sym

DevOps-Gym: Benchmarking AI Agents in Software DevOps Cycle
Yuheng Tang, Kaijie Zhu, Bonan Ruan, Chuqi Zhang, Michael Yang, Hongwei Li, Suyue Guo, Tianneng Shi, Zekun Li, Christopher Kruegel, Giovanni Vigna, Dawn Song, William Yang Wang, Lun Wang, Yangruibo Ding, Zhenkai Liang, Wenbo Guo

ICSE 2023
sym

Operand-Variation-Oriented Differential Analysis for Fuzzing Binding Calls in PDF Readers
Suyue Guo, Xinyu Wang, Wei You, Bin Liang, Wenchang Shi, Yiwei Zhang, Jianjun Huang, Jian Zhang

Project

  • Artifact Evaluated with Reusable and Available badges.

šŸŽ– Honors and Awards

  • 2025 Distinguished Reviewer for ICSE 2026 Shadow PC.
  • 2021 Defcon World Final 7th (with Nu1L Team).
  • 2020.11 National Scholarship (the highest honor for Chinese undergraduates).

šŸ›”ļø Vulnerability Disclosure

I have found 32 zero-day vulnerabilities (CVEs) in widely-used software. My work has been acknowledged by the vendors. You can find acknowledgement on bulletins of Adobe, Foxit, and PDF-XChange.

  • Adobe Acrobat Reader (5 CVEs): CVE-2025-43575, CVE-2023-21586, CVE-2022-34234, CVE-2022-28234, CVE-2022-35691
  • Foxit PDF Reader (17 CVEs): CVE-2025-55307, CVE-2025-55308, CVE-2025-55312, CVE-2025-55313, CVE-2025-55314, CVE-2023-27366, CVE-2022-34873, CVE-2022-34874, CVE-2022-28682, CVE-2022-28683, CVE-2022-37379, CVE-2022-37383, CVE-2022-37380, CVE-2022-37381, CVE-2022-26979, CVE-2022-27359, CVE-2022-27944
  • PDF-XChange Editor (4 CVEs): CVE-2025-6661, CVE-2023-39487, CVE-2022-37350, CVE-2022-37349
  • Vim (6 CVEs): CVE-2024-45306, CVE-2024-43802, CVE-2024-43790, CVE-2024-43374, CVE-2024-41965, CVE-2024-41957