Overview
Severity: HIGH | Affected: Multiple LLM Providers | Category: research
A paper published by researchers at the Cyberspace Security Institute (CSI) details a novel jailbreak technique called 'Semantic Splicing.' This attack bypasses the safety alignment of major large language models (LLMs) by chaining together a series of seemingly innocuous prompts. Each individual prompt is benign and passes safety checks, but their cumulative effect subtly shifts the model's internal context into a state where it will comply with a final, malicious request. Unlike traditional jailbreaks that use explicit adversarial prefixes, Semantic Splicing relies on manipulating the model's understanding of nuanced, contextual relationships. The researchers demonstrated the technique's effectiveness against several leading models, successfully generating harmful content. The findings challenge the current paradigm of input-level filtering.