Overview
Severity: HIGH | Affected: OpenAI, Anthropic | Category: research
Researchers at Carnegie Mellon University's CyLab have published a paper detailing a novel jailbreak technique called 'Model Splicing'. The attack involves crafting prompts that force a large language model (LLM) to internally combine concepts from its safety training with unrelated, benign concepts in a logically inconsistent way. This confusion process effectively splices the model's internal logic, creating a temporary pathway that bypasses its core safety alignment filters. The researchers demonstrated that Model Splicing could consistently elicit harmful content, including instructions for creating malware and generating disinformation, from state-of-the-art models like OpenAI's GPT-5 and Anthropic's Claude 4. The technique is notable for its high success rate without requiring complex character encoding, posing a new challenge for AI safety teams.