Vulnerabilities can have very serious consequences for information security, with huge implications for economic, social, and even national security. Automated vulnerability detection has always been a keen topic for researchers. From traditional manual vulnerability mining to static detection and dynamic detection, all rely on human experts to define features. The rapid development of machine learning and deep learning has alleviated the tedious task of manually defining features by human experts while reducing the lack of objectivity caused by human subjective awareness. However, we still need to find an objective characterization method to define the features of vulnerabilities. Therefore, we use code metrics for code characterization, which are sequences of metrics that represent code. To use code metrics for vulnerability detection, we propose VulnExplore, a deep learning-based vulnerability detection model that uses a composite neural network of CNN + LSTM for feature extraction and learning of code metrics. Experimental results show that VulnExplore has a lower false positive rate, a lower miss rate, and a better accuracy rate compared to other deep learning-based vulnerability detection models.