MemMorph: Tool Hijacking in LLM Agents via Memory Poisoning
The paper introduces MemMorph, a novel attack method targeting long-term memory in LLM-driven agents. By injecting disguised records, attackers can manipulate tool selection processes without direct control. This research highlights the vulnerabilities in memory modules and calls for enhanced integrity safeguards.
- MemMorph achieves an attack success rate of up to 85.9% with only three injected records.
- The method outperforms existing baseline attacks by up to 25%.
- Long-term memory is identified as a critical attack surface in tool-augmented agents.
Opening excerpt (first ~120 words):
Computer Science > Cryptography and Security
arXiv:2605.26154 (cs)
[Submitted on 24 May 2026]
Title: MemMorph: Tool Hijacking in LLM Agents via Memory Poisoning
Authors: Xuanye Zhang, Yongsen Zheng, Zhuqin Xu, Kaiyu Zhou, Bowen Shen, Haoran Ou, Tianwei Zhang, Kwok-Yan Lam
Abstract: LLM-driven agents are capable of selecting external tools to complete users' tasks. However, attackers could compromise such a process, steering agents toward inappropriate/wrong tools and enabling malicious actions.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at arXiv cs.AI.
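One shape the integrity safeguard the summary calls for can take, as an added example that is not code from the paper or its authors: the agent runtime tags every long-term memory record with an HMAC under a key only it holds (constructed demo key), and retrieval discards any record whose tag does not verify, so a record appended or altered without the key never reaches the tool-selection step. All names (`MemoryStore`, `select_tool`) and the "prefer <tool> for <task>" record format are hypothetical.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass

# Constructed demo key; in a real deployment it lives only in the agent runtime,
# never in model context, tool outputs, or the memory backend itself.
MEMORY_KEY = b"constructed-demo-key-not-for-production"


@dataclass
class MemoryRecord:
    content: str
    source: str   # who wrote it, e.g. "runtime"
    tag: str = ""  # HMAC over (content, source); set only by the trusted write path


def _tag(content: str, source: str) -> str:
    msg = json.dumps([content, source], separators=(",", ":")).encode()
    return hmac.new(MEMORY_KEY, msg, hashlib.sha256).hexdigest()


class MemoryStore:
    """Long-term memory whose trusted write path authenticates every record."""

    def __init__(self) -> None:
        self.records: list[MemoryRecord] = []

    def write(self, content: str) -> None:
        # Only the agent runtime calls this; it is the sole holder of MEMORY_KEY.
        self.records.append(MemoryRecord(content, "runtime", _tag(content, "runtime")))

    def retrieve(self, query: str) -> list[MemoryRecord]:
        """Return matching records whose tag verifies; anything else is dropped."""
        hits = []
        for r in self.records:
            if not hmac.compare_digest(r.tag, _tag(r.content, r.source)):
                continue  # injected or tampered record: never shown to the model
            if query.lower() in r.content.lower():
                hits.append(r)
        return hits


def select_tool(store: MemoryStore, task: str, default: str = "none") -> str:
    """Toy selector: a verified record 'prefer <tool> for <task>' overrides the default."""
    for r in store.retrieve(task):
        words = r.content.split()
        if len(words) >= 4 and words[0] == "prefer" and words[2] == "for":
            return words[1]
    return default
```

Appending a record directly to `store.records` (bypassing `write`) or editing an existing record's content models the poisoning the paper describes; in both cases verification fails and the selector falls back to its default instead of the attacker's choice.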