TLDR: A new class of prompt injection attacks dubbed “Context Overflow” can bypass safety guardrails in popular enterprise LLM solutions. The technique abuses how over-long inputs are handled at the context-window token limit to smuggle malicious instructions past the model's safety guardrails.
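The name suggests a simple failure mode, sketched below under one assumption: a serving layer that truncates over-long prompts from the front to fit the context window, so the system prompt and its safety rules are the first content to fall off. The names (`CONTEXT_LIMIT`, `naive_assemble`, `safe_assemble`) are hypothetical, and the whitespace token count is only a stand-in for a real tokenizer.

```python
CONTEXT_LIMIT = 8192  # illustrative token budget, not tied to any specific model


def count_tokens(text: str) -> int:
    # Crude whitespace approximation; a real system would use the model's tokenizer.
    return len(text.split())


def naive_assemble(system_prompt: str, user_input: str) -> str:
    """Concatenate and truncate from the front to fit the budget --
    the kind of handling a context-overflow style attack relies on."""
    tokens = (system_prompt + "\n" + user_input).split()
    if len(tokens) > CONTEXT_LIMIT:
        # Oldest tokens -- i.e. the system prompt -- are silently dropped.
        tokens = tokens[-CONTEXT_LIMIT:]
    return " ".join(tokens)


def safe_assemble(system_prompt: str, user_input: str) -> str:
    """Reject input that would displace the system prompt instead of truncating it."""
    if count_tokens(system_prompt) + count_tokens(user_input) > CONTEXT_LIMIT:
        raise ValueError("Input would exceed the context budget; refusing to truncate.")
    return system_prompt + "\n" + user_input
```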
Impact:
- Bypasses content filtering
- Enables extraction of system prompts
- Can access connected data sources
- Affects multiple LLM providers
Organizations whose LLM deployments have access to sensitive data should add input validation layers in front of the model.
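A minimal sketch of such a validation layer, assuming prompts are assembled server-side before the model call: cap the size of user input so it cannot crowd out the system prompt, and flag obvious injection phrasing. The names (`MAX_INPUT_TOKENS`, `INJECTION_PATTERNS`, `validate_input`) and the pattern list are hypothetical and far from exhaustive.

```python
import re

MAX_INPUT_TOKENS = 4000  # keep user input well under the model's context budget

# Illustrative patterns only; real deployments need broader, regularly updated checks.
INJECTION_PATTERNS = [
    re.compile(r"ignore (all )?(previous|prior) instructions", re.IGNORECASE),
    re.compile(r"reveal (your )?system prompt", re.IGNORECASE),
]


def approx_tokens(text: str) -> int:
    # Rough approximation; swap in the provider's tokenizer in practice.
    return len(text.split())


def validate_input(user_input: str) -> None:
    """Raise if the input is oversized or matches known injection phrasing."""
    if approx_tokens(user_input) > MAX_INPUT_TOKENS:
        raise ValueError("Input exceeds the allowed token budget")
    for pattern in INJECTION_PATTERNS:
        if pattern.search(user_input):
            raise ValueError("Input matches a known prompt-injection pattern")
```

The length check is the part that matters for this class of attack; pattern matching alone is easy to evade and should be treated as a secondary signal.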