Software Vulnerabilities (SVs) are security flaws that are exploitable in cyber-attacks. Delay in the detection and assessment of SVs might cause serious consequences due to the unknown impacts on the attacked systems. The state-of-the-art approaches have been proposed to work directly on the committed code changes for early detection. However, none of them could provide both commit-level vulnerability detection and assessment at once. Moreover, the assessment approaches still suffer low accuracy due to limited representations for code changes and surrounding contexts. We propose a Context-aware, Graph-based, Commit-level Vulnerability Detection and Assessment Model, CAT, that evaluates a code change, detects any vulnerability and provides the CVSS assessment grades. To build CAT, we have key novel components. First, we design a novel context-aware, graph-based, representation learning model to learn the contextualized embeddings for the code changes that integrate program dependencies and the surrounding contexts of code changes, facilitating the automated vulnerability detection and assessment. Second, CAT considers the mutual impact of learning to detect vulnerability and learning to assess each of the vulnerability assessment types. To do so, it leverages multi-task learning among the vulnerability detection and vulnerability assessment tasks, improving all the tasks at the same time. Our empirical evaluation shows that on a C vulnerability dataset, CAT achieves F-score of 25.5% and MCC of 26.9% relatively higher than the baselines in vulnerability assessment. In a Java dataset, CAT achieves F-score of 31% and MCC of 33.3% relatively higher than the baselines as well. CAT also improves the vulnerability detection over the baselines from 13.4–322% in F-score.