Overview
Severity: HIGH | Affected: Multiple LLM Providers | Category: research
A paper published by researchers at the Carnegie Mellon AI Safety Institute (CMU-ASI) details a novel jailbreak technique named 'Cognitive Override'. The multi-stage attack circumvents the safety filters of major large language models with a reported 95% success rate in black-box testing. Unlike traditional prompt injection, Cognitive Override uses a combination of persona modulation, nested logical puzzles, and abstract reasoning tasks to systematically confuse a model's interpretation of its own safety guidelines. The process effectively forces the model into a state where it misclassifies a harmful request as a benign, hypothetical exercise. The researchers released a limited proof-of-concept and have privately disclosed the full methodology to affected model providers. The paper argues that current alignment techniques are too brittle and calls for new defense mechanisms that focus on core reasoning integrity rather than surface-level prompt filtering.