The invention discloses a fine-grained source code vulnerability detection method based on a graph neural network, which comprises the following steps: A, for all source codes of software, extractinga code attribute graph of a function in the source codes, and performing vectorization representation on the code attribute graph, the vectorization representation comprising vectorization representation of node attributes and graph structures; B, extracting code features by using a graph attention network, and processing all statements to obtain a final data set; and C, training a vulnerability detection model, and determining a final model through the effect on the test set. The source code vulnerability detection method provided by the invention has the advantages that the automation degreeis higher; dependence on domain expert knowledge is reduced, code auditing cost is greatly saved, code auditing efficiency is improved, grammar and semantic information in source codes are better reserved, meanwhile, vectorized representation of statements can be learned purposefully through a graph attention network, and vulnerability detection of a finer-grained statement level is achieved.