The invention discloses a source code-oriented bipolar software security vulnerability graph construction method, solving the problems of single vulnerability feature, lack of semantic information andlow vulnerability mining precision in a current vulnerability graph model. The technical scheme includes the steps: obtaining vulnerability source codes through crawlers; preprocessing the vulnerability source codes; carrying out data analysis and extraction, including feature extraction, entity extraction and relationship extraction; constructing a vulnerability graph, including taking the sub-graph as a basic unit of the vulnerability graph, and visualizing and storing the vulnerability graph; and performing vulnerability graph optimization: removing a large amount of redundant informationby pruning the sub-graph to achieve vulnerability graph optimization. According to the vulnerability graph constructed by the invention, the forward and reverse characteristics of the vulnerability are displayed at the same time through comparison; the complex relation among the characteristic items is embodied; existing semantic structure information is enriched; a reliable basis is provided forresearch of vulnerability causes; vulnerability mining precision is improved; system software safety is guaranteed; and the vulnerability graph is used for computer security vulnerability mining and management.