19 Jun 2024 | Xueying Du, Geng Zheng, Kaixin Wang, Jiayi Feng, Wentai Deng, Mingwei Liu, Bihuan Chen, Xin Peng, Tao Ma, and Yiling Lou
**Abstract:**
Vulnerability detection is crucial for software quality assurance. This paper introduces Vul-RAG, a novel LLM-based vulnerability detection technique that leverages a knowledge-level retrieval-augmented generation (RAG) framework. Vul-RAG consists of three phases: constructing a vulnerability knowledge base, retrieving relevant knowledge from the base based on functional semantics, and using LLMs to check the vulnerability of given code snippets by reasoning about vulnerability causes and fixing solutions. Evaluations on the PairVul benchmark show that Vul-RAG significantly outperforms baselines in accuracy and pairwise accuracy. A user study demonstrates that the generated vulnerability knowledge improves manual detection accuracy from 0.60 to 0.77.
**Introduction:**
Vulnerability detection is essential for software security. While deep learning models, especially large language models (LLMs), have shown promise in this area, their interpretability remains a challenge. This paper addresses this by proposing Vul-RAG, which uses high-level vulnerability knowledge to enhance LLMs' understanding of code semantics. The technique is evaluated on the PairVul benchmark, showing substantial improvements over existing techniques.
**Background:**
The paper discusses existing vulnerability classification systems like CVE and CWE, and the role of LLMs in learning-based vulnerability detection. It also introduces the retrieval-augmented generation (RAG) paradigm, which enhances LLMs by incorporating external knowledge.
**Preliminary Study:**
A preliminary study is conducted to assess the effectiveness of existing learning-based techniques in distinguishing between vulnerable and non-vulnerable code with high lexical similarity. The results show that these techniques have limited capabilities in capturing high-level code semantics.
**Technique:**
Vul-RAG is proposed to enhance LLMs with high-level vulnerability knowledge. It constructs a knowledge base from existing CVE instances and uses RAG to retrieve and reason about relevant knowledge for given code snippets.
**Evaluation:**
Vul-RAG is evaluated on the PairVul benchmark, showing significant improvements over baselines in accuracy and pairwise accuracy. A user study confirms that the generated vulnerability knowledge improves manual detection accuracy and is helpful, precise, and generalizable.
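The gap between the two metrics named above is easiest to see on lexically similar pairs like those the preliminary study targets. The following is an added example, not code from the paper or from Vul-RAG: the C snippets and both detectors are constructed for illustration, and pairwise accuracy is assumed to mean the fraction of pairs in which the vulnerable version is flagged and the patched version is cleared.

```python
# Constructed (vulnerable, patched) pairs; not taken from PairVul.
PAIRS = [
    ("memcpy(dst, src, len);",
     "if (len > sizeof(dst)) return -1; memcpy(dst, src, len);"),
    ("kfree(obj); obj->refs--;",
     "obj->refs--; kfree(obj);"),
    ("buf = kmalloc(n); buf[0] = 0;",
     "buf = kmalloc(n); if (!buf) return -ENOMEM; buf[0] = 0;"),
]
RISKY = ("memcpy", "kfree", "kmalloc")


def lexical_detector(code):
    """Hypothetical detector: flags any snippet that names a risky API."""
    return any(api in code for api in RISKY)


def guard_aware_detector(code):
    """Hypothetical detector: flags a risky call unless an 'if (' precedes it."""
    for api in RISKY:
        idx = code.find(api)
        if idx != -1 and "if (" not in code[:idx]:
            return True
    return False


def evaluate(detector, pairs):
    """Return (accuracy, pairwise_accuracy) for a detector over code pairs."""
    correct = 0      # individually correct labels
    both = 0         # pairs with both halves labelled correctly
    for vulnerable, patched in pairs:
        v_ok = detector(vulnerable)       # should be flagged
        p_ok = not detector(patched)      # should be cleared
        correct += int(v_ok) + int(p_ok)
        both += int(v_ok and p_ok)
    return correct / (2 * len(pairs)), both / len(pairs)


if __name__ == "__main__":
    for det in (lexical_detector, guard_aware_detector):
        acc, pair_acc = evaluate(det, PAIRS)
        print(f"{det.__name__}: accuracy={acc:.2f} pairwise={pair_acc:.2f}")
```

The name-matching detector reaches 0.50 accuracy while separating no pair at all, and the guard heuristic still misses the reordering fix and the check placed after the call, which is the kind of semantic difference a pairwise benchmark is built to expose.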
**Contributions:**
- **Benchmark:** Construction of PairVul, a benchmark focusing on pairs of vulnerable and patched code.
- **Preliminary Study:** Findings that existing techniques have limited capability in capturing high-level code semantics.
- **Technique:** Introduction of Vul-RAG, a novel LLM-based vulnerability detection technique.
- **Evaluation:** Demonstration of Vul-RAG's effectiveness and usefulness in both automated and manual vulnerability detection.
**Threats to Validity:**
The paper discusses potential threats to validity, including data leakage and generalization issues, and proposes solutions to mitigate these concerns.