Probably not too hard with the LLM side itself assuming latest models and good tooling.

The harder thing probably is getting a dataset for “all x64/ARM64 Windows drivers that aren’t already considered vulnerable”.

Also it depends what’s considered a vulnerability here.