Overview
Severity: HIGH | Affected: Carnegie Mellon University | Category: research
A new paper from researchers at Carnegie Mellon University details a novel jailbreak technique called 'Semantic Splicing' capable of bypassing the safety alignments of major large language models. The attack works by embedding a harmful instruction within a larger, benign narrative. The model establishes a safe context by processing the initial part of the prompt, causing it to misinterpret the malicious payload as a harmless continuation of the story rather than a policy violation. In testing, the technique achieved an 85% success rate against leading models from OpenAI, Anthropic, and Google in generating responses related to misinformation, hate speech, and harmful instructions. The research exposes a fundamental vulnerability in current context-based safety filters, proving that they can be manipulated by sophisticated semantic structuring. The researchers have responsibly disclosed their findings to the affected companies, who are now working to update their models' guardrails.