Lightweight Bidirectional Security Authentication Protocol Cascade Vulnerability Detection in the IoT Environment

Fund Project:

Basic Research Program of Shanxi Province (202403021221180); Ministry of Education Industry-University Cooperative Collaborative Education Project (221002722062521); Shanxi Datong University Teaching Reform Project (XJG2023269)
Abstract:

In the Internet of Things (IoT) environment, resource-constrained devices adopt random energy-saving strategies, such as dynamic sleep mechanisms, which cause unpredictable disconnection and reconnection behavior in the timing of protocol interactions. This behavior makes it difficult for traditional finite state machine models to fully describe the state transition paths, which reduces the detection rate of protocol consistency deviations and increases the missed detection rate for cascade vulnerabilities. To address this problem, this paper proposes a cascade vulnerability detection method for lightweight bidirectional security authentication protocols. The method uses a graph convolutional network to model the interaction graph of lightweight bidirectional security authentication protocols in the IoT environment, and computes cosine similarity against vulnerability feature vectors to perform state association detection. Dynamic graph modeling captures intermittent communication characteristics, and cosine similarity quantifies the spatiotemporal correlation between protocol states and vulnerability patterns, which effectively overcomes the temporal uncertainty that energy-saving strategies introduce into vulnerability detection. Based on the association detection results, a Markov decision process quantifies the dependency relationships of vulnerability propagation, and a state transition probability matrix is constructed to characterize topological dynamics. Based on these dependency relationships, a graph attention network converts propagation probabilities into node attributes, and a multi-head attention mechanism aggregates neighbor information. Finally, cascade vulnerability classification is achieved in combination with global pooling. The experimental results show that the proposed method achieves good accuracy in vulnerability detection: the protocol consistency deviation remains stable within the range of 0.12–0.21, and the missed detection rate is consistently lower than 0.5%, demonstrating effective detection performance.

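Cite this article

Zhang Jie, Jing Wen, Wang Qiang. Lightweight Bidirectional Security Authentication Protocol Cascade Vulnerability Detection in the IoT Environment. Computer Systems & Applications,,():1-7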

History
  • Received: 2025-08-26
  • Last revised: 2025-10-10
  • Published online: 2026-03-13