LLM Plugin Injection is a vulnerability that takes place when untrusted input (eg, text, metadata, documents) contains hidden instructions or code that causes manipulation in the language model to perform malicious activity via APIs or plugins. LLMs interpret natural language as commands, and this is exploited by malicious actors where input can override system rules, causing data leaks, unauthorized access, and even remote code execution.
I propose adding a case study on this vulnerability unless there are any objections. As we live in the age of LLMs and broadly AI models, where such a vulnerability risks the exposure of sensitive files, unauthorized execution of functions in applications using LLMs, and primarily automation misuse, it is highly valuable.
References:
https://nvd.nist.gov/vuln/detail/CVE-2025-25362
https://www.hacktivesecurity.com/blog/2025/04/01/cve-2025-25362-old-vulnerabilities-new-victims-breaking-llm-prompts-with-ssti/
LLM Plugin Injection is a vulnerability that takes place when untrusted input (eg, text, metadata, documents) contains hidden instructions or code that causes manipulation in the language model to perform malicious activity via APIs or plugins. LLMs interpret natural language as commands, and this is exploited by malicious actors where input can override system rules, causing data leaks, unauthorized access, and even remote code execution.
I propose adding a case study on this vulnerability unless there are any objections. As we live in the age of LLMs and broadly AI models, where such a vulnerability risks the exposure of sensitive files, unauthorized execution of functions in applications using LLMs, and primarily automation misuse, it is highly valuable.
References:
https://nvd.nist.gov/vuln/detail/CVE-2025-25362
https://www.hacktivesecurity.com/blog/2025/04/01/cve-2025-25362-old-vulnerabilities-new-victims-breaking-llm-prompts-with-ssti/