Monthly publications
Paper types
defense 513
attack 489
benchmark 263
survey 52
tool 50
Domains
nlp 1318
multimodal 315
vision 214
generative 49
audio 30
reinforcement-learning 24
graph 7
federated-learning 2
Co-occurring categories
Other OWASP categories that appear on the same papers
ML01 Input Manipulation Attack 263
LLM08 Excessive Agency 198
LLM07 Insecure Plugin Design 89
LLM06 Sensitive Information Disclosure 70
LS06 Red-Team Agents 57
LS10 Benchmarks & Evaluation 52
ML07 Transfer Learning Attack 51
ML10 Model Poisoning 34
ML02 Data Poisoning Attack 32
LS07 Blue-Team Agents 20
ML06 AI Supply Chain Attacks 20
ML09 Output Integrity Attack 13
ML03 Model Inversion Attack 6
LS01 Vulnerability Discovery 6
LLM03 Training Data Poisoning 6
ML04 Membership Inference Attack 5
LS02 Exploit Generation 3
ML05 Model Theft 3
LLM04 Model Denial of Service 3
LLM10 Model Theft 1
LS03 Reconnaissance & OSINT 1
LS04 Patch & Remediation 1
LS05 Triage & Prioritization 1
LS09 Fuzzing & Test Generation 1
Top cited papers
SaLoRA: Safety-Alignment Preserved Low-Rank Adaptation
2025 defense
The Attacker Moves Second: Stronger Adaptive Attacks Bypass Defenses Against LLM Jailbreaks and Prompt Injections
2025 benchmark
A-MemGuard: A Proactive Defense Framework for LLM-Based Agent Memory
2025 defense
The Assistant Axis: Situating and Stabilizing the Default Persona of Language Models
2026 defense
ChatInject: Abusing Chat Templates for Prompt Injection in LLM Agents
2025 attack
TrustRAG: Enhancing Robustness and Trustworthiness in Retrieval-Augmented Generation
2025 defense
Securing the Model Context Protocol (MCP): Risks, Controls, and Governance
2025 survey
Defending Against Prompt Injection with DataFilter
2025 defense
Adjacent Words, Divergent Intents: Jailbreaking Large Language Models via Task Concurrency
2025 attack
Adversarial Poetry as a Universal Single-Turn Jailbreak Mechanism in Large Language Models
2025 attack