Traditional static analysis and rule-based approaches to software vulnerability detection suffer from poor generalizability and high false-negative rates. To address these limitations, this study conducts a systematic literature review (SLR) of AI-driven vulnerability detection research published between 2018 and 2023. We propose the first three-dimensional taxonomy—encompassing AI technique types, code feature representations, and embedding methodologies—and quantitatively analyze 127 primary studies. Our analysis reveals that 91% of the studies employ AI methods, with graph neural networks (GNNs) dominating the landscape. We identify data quality, reproducibility, and model interpretability as three persistent bottlenecks across the field. Furthermore, we highlight emerging directions—including federated learning and quantum neural networks—as promising avenues for future research. The resulting roadmap integrates empirical evidence with forward-looking insights, offering both a theoretical framework and practical guidance for advancing AI-powered security analysis.

Software vulnerabilities in source code pose serious cybersecurity risks, prompting a shift from traditional detection methods (e.g., static analysis, rule-based matching) to AI-driven approaches. This study presents a systematic review of software vulnerability detection (SVD) research from 2018 to 2023, offering a comprehensive taxonomy of techniques, feature representations, and embedding methods. Our analysis reveals that 91% of studies use AI-based methods, with graph-based models being the most prevalent. We identify key limitations, including dataset quality, reproducibility, and interpretability, and highlight emerging opportunities in underexplored techniques such as federated learning and quantum neural networks, providing a roadmap for future research.