Checklist
CVE List
No response
Description
Summary
Exploitation poisons memory to affect future recommendations provided by a GenAI system.
Reference: https://www.microsoft.com/en-us/security/blog/2026/02/10/ai-recommendation-poisoning/
GenAI Red Teaming Manual Reference
4.2.1 Data, Memory, and State Poisoning
Sandbox
Reuse sandbox sandboxes/llm_memory_local (#22).
Exploitation
Inject a prompt via website button with hidden instructions or information that will be stored in memory and, thus, influence future session behavior.
Checklist
CVE List
No response
Description
Summary
Exploitation poisons memory to affect future recommendations provided by a GenAI system.
Reference: https://www.microsoft.com/en-us/security/blog/2026/02/10/ai-recommendation-poisoning/
GenAI Red Teaming Manual Reference
4.2.1 Data, Memory, and State PoisoningSandbox
Reuse sandbox
sandboxes/llm_memory_local(#22).Exploitation
Inject a prompt via website button with hidden instructions or information that will be stored in memory and, thus, influence future session behavior.