Reasoning as an Attack Surface: Adaptive Evolutionary CoT Jailbreaks for LLMs
The paper discusses the vulnerabilities of Large Reasoning Models (LRMs) to jailbreak attacks due to their chain-of-thought (CoT) mechanisms. It introduces an adaptive evolutionary CoT jailbreak framework called AE-CoT, which enhances the diversity and effectiveness of jailbreak attempts. The proposed method outperforms existing static approaches through a multi-generation evolutionary search process.
- ▪Large Reasoning Models (LRMs) are increasingly used in real-world applications but are vulnerable to security risks.
- ▪The proposed AE-CoT framework rewrites harmful goals into mild prompts and constructs a pool of CoT jailbreak candidates.
- ▪Extensive experiments show that AE-CoT consistently outperforms state-of-the-art jailbreak methods.
Opening excerpt (first ~120 words) tap to expand
Computer Science > Artificial Intelligence arXiv:2605.24497 (cs) [Submitted on 23 May 2026] Title:Reasoning as an Attack Surface: Adaptive Evolutionary CoT Jailbreaks for LLMs Authors:Jianan Li, Simeng Qin, Xiaojun Jia, Lionel Z. Wang, Tianhang Zheng, Xiaoshuang Jia, Yang Liu, Xiaochun Cao View a PDF of the paper titled Reasoning as an Attack Surface: Adaptive Evolutionary CoT Jailbreaks for LLMs, by Jianan Li and 7 other authors View PDF HTML (experimental) Abstract:Large Reasoning Models (LRMs) have demonstrated remarkable capabilities in reasoning and generation tasks and are increasingly deployed in real-world applications. However, their explicit chain-of-thought (CoT) mechanism introduces new security risks, making them particularly vulnerable to jailbreak attacks.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at arXiv cs.AI.
Discussion
0 commentsMore from arXiv cs.AI
