A Lifecycle and Application-Stack Survey of Large Language Model Vulnerabilities: Attacks, Risks, Defenses, and Open Problems

· Source: Artificial Intelligence · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy · Depth: Expert, quick

Summary

A comprehensive survey published on 2026-06-30 details vulnerabilities in large language model (LLM) systems, emphasizing that security risks extend beyond model weights to the entire application lifecycle and stack. The paper organizes attacks across eight stages: data collection, pretraining, post-training alignment, model packaging and supply chain, retrieval and memory, prompting and inference, tool/agent execution, and deployment/maintenance. For each stage, it analyzes attacker capabilities, security objectives, representative attacks, practical risks, evaluation practices, and defenses. The survey maps LLM-specific vulnerabilities to confidentiality, integrity, availability, safety, privacy, fairness, accountability, and agency-control objectives, highlighting how trust boundaries fail and untrusted data becomes executable instructions.

Key takeaway

For AI Security Engineers building or deploying LLM systems, you must shift your focus beyond model weights to the entire application lifecycle and stack. Evaluate security across all eight identified stages, from data collection to agent execution, to identify where trust boundaries fail. Prioritize defenses that address untrusted data becoming executable instructions and mitigate risks from delegated authority to prevent amplified model errors.

Key insights

LLM security must encompass the full application lifecycle and stack, not just model weights.

Principles

Method

The paper systematizes LLM vulnerabilities by organizing attacks across eight lifecycle and application-stack stages, analyzing risks and defenses for each.

In practice

Topics

Best for: CTO, AI Architect, Research Scientist, AI Security Engineer, AI Scientist, AI Engineer

Related on AIssential

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by Artificial Intelligence.