Overview
Severity: HIGH | Affected: Multiple LMM Providers | Category: research
A team from Stanford's AI Lab has published a groundbreaking paper detailing a new jailbreak technique named 'Cognitive Override.' This method exploits the way large multi-modal models (LMMs) process and integrate information from different modalities, such as text and images. By embedding carefully crafted, imperceptible steganographic patterns within an image, an attacker can prime the model's internal state. A subsequent, seemingly innocuous text prompt can then trigger the model to bypass its safety filters and generate harmful content. The research demonstrates a 92% success rate against several leading commercial LMMs, proving that safety alignment focused solely on textual inputs is insufficient. The findings urge model developers to implement cross-modal validation and more robust adversarial training protocols to defend against this sophisticated new attack vector.