AI Security Research Portal

Memory Poisoning and Agent State

Synthesis

Persistent memory and retrieved experience create long-lived attack surfaces: poisoned state can survive beyond a single interaction and influence future decisions.

Evidence Base

This page was generated from the batch ingest of SRC-20260702-raw-papers-batch, SRC-20260702-raw-whitepapers-batch, and SRC-20260702-raw-news-batch. Treat it as a navigation and synthesis page; promote individual statements into claim pages when they become decision-relevant.

Representative Sources

Title | Kind | Date | Tags | Raw
Securing LLM-Agent Long-Term Memory Against Poisoning: Non-Malleable, Origin-Bound Authority with Ma | paper | 2026-06-23 | agent-memory, ai-security, formal-methods, memory-poisoning, provenance | raw
When Your AI Agent's Memory Becomes a Security Liability | incident_report | 2026-06-11 | agent-memory, checkpointer, deserialization, langgraph, rce, security-for-ai | raw
SMSR: Certified Defence Against Runtime Memory Poisoning in Persistent LLM Agent Systems | paper | 2026-06-11 | agent-memory, ai-security, certified-defense, memory-poisoning, persistent-agents | raw
From Untrusted Input to Trusted Memory: A Systematic Study of Memory Poisoning Attacks in LLM Agents | paper | 2026-06-03 | Aditi Jain, Pritam Dash, Tanmay Shah, Tongyu Ge, Zhiwei Shang, agent-memory | raw
MemMorph: Tool Hijacking in LLM Agents via Memory Poisoning | paper | 2026-05-24 | accumulated-experience, memory-poisoning, persistent-state, tool-hijacking, tool-selection | raw
MemAudit: Post-hoc Auditing of Poisoned Agent Memory via Causal Attribution and Structural Anomaly D | paper | 2026-05-22 | anomaly-detection, causal-attribution, counterfactual-replay, memory-audit, poisoning | raw
State Contamination in Memory-Augmented LLM Agents | paper | 2026-05-16 | mas-misevolution-propagation, memory-laundering, memory-poisoning, multi-agent-rollouts, persistent-state, state-contamination | raw
Memory poisoning and secure multi-agent systems | paper | 2026-03-20 | episodic-memory, mas-misevolution-propagation, memory-poisoning, multi-agent, secure-mas, semantic-memory | raw
SuperLocalMemory: Privacy-Preserving Multi-Agent Memory with Bayesian Trust Defense Against Memory P | paper | 2026-02-17 | architectural-isolation, bayesian-trust, mas-misevolution-propagation, mcp, memory-poisoning, multi-agent-memory | raw
Memory Poisoning Propagation and Repair Mechanism in Multi-Agent Collaborative Environments | paper | 2026-02-14 | contrastive-learning, evidence-graph, mas-misevolution-propagation, memory-poisoning, multi-agent, propagation | raw
Memory Poisoning Attack and Defense on Memory Based LLM-Agents | paper | 2026-01-09 | memory-poisoning, memory-sanitization, query-only-attack, temporal-decay, trust-aware-retrieval | raw
MemoryGraft: Persistent Compromise of LLM Agents via Poisoned Experience Retrieval | paper | 2025-12-18 | experience-retrieval, memory-poisoning, persistent-compromise, rollout-buffer-security | raw

Open Questions

Related