The invention provides a method for prewarning an attack based on digging a relationship of software vulnerability and network attack. The method comprises a vulnerability detection sub-system, a feature vulnerability sequence bank sub-system and an attack prewarning determination sub-system, wherein the vulnerability detection sub-system carries out static analysis and detection rule-based software vulnerability; the feature vulnerability sequence bank sub-system digs and records the relationship between the software vulnerability and the network attack by vulnerability implant technology; and the attack prewarning determination sub-system matches a detected vulnerability defect of target software with records in the feature vulnerability sequence bank, and sends out an attack prewarningreport.