Overview
Severity: HIGH | Affected: Multiple LLM Providers | Category: research
A paper published by researchers at the Stanford AI Lab has detailed a novel jailbreak technique named the 'Semantic Recombination Attack.' This method systematically bypasses the safety alignment of major large language models by deconstructing a malicious prompt into multiple, seemingly benign sub-queries. These fragments are processed independently by the model before being subtly guided by the attacker to recombine their outputs into a harmful or forbidden response. The research demonstrates a success rate exceeding 85% against several leading commercial and open-source models. The technique is notable as it does not rely on traditional obfuscation or role-playing, but rather exploits the model's compositional reasoning capabilities. The researchers have responsibly disclosed their findings to affected vendors ahead of publication to facilitate mitigation efforts.