The invention discloses a fine-grained source code vulnerability detection method based on a graph neural network, including the following: A. For all source codes of a software, extract the code attribute graph of the function in the source code, and perform vectorized representation of the code attribute graph , the vectorized representation includes the vectorized representation of node attributes and graph structure; B, uses the graph attention network to extract code features, and processes all sentences to obtain the final data set; C, trains the vulnerability detection model, and passes the effect on the test set Determine the final model. The source code vulnerability detection method provided by the invention has a higher degree of automation, reduces the dependence on domain expert knowledge, greatly saves the cost of code auditing, improves the efficiency of code auditing, and better retains the syntax and semantic information in the source code. , while using the graph attention network can more purposefully learn the vectorized representation of sentences and achieve more fine-grained sentence-level vulnerability detection.