| ETR-095 | 2023-05-16 | ChatGPT Plugins: Data Exfiltration via Images & Cross Plugin Request Forgery | ChatGPT / OpenAI |
| ETR-094 | 2023-05-28 | ChatGPT Plugin Exploit Explained: From Prompt Injection to Accessing Private Data | ChatGPT / OpenAI |
| ETR-092 | 2023-06-18 | Bing Chat: Data Exfiltration Exploit Explained | Other / Multi |
| ETR-091 | 2023-06-20 | Plugin Vulnerabilities: Visit a Website and Have Your Source Code Stolen | ChatGPT / OpenAI |
| ETR-087 | 2023-07-24 | ChatGPT Custom Instructions: Persistent Data Exfiltration Demo | ChatGPT / OpenAI |
| ETR-086 | 2023-08-01 | Anthropic Claude Data Exfiltration Vulnerability Fixed | Anthropic |
| ETR-085 | 2023-08-28 | Video: Data Exfiltration Vulnerabilities in LLM apps (Bing Chat, ChatGPT, Claude) | Other / Multi |
| ETR-082 | 2023-09-28 | Advanced Data Exfiltration Techniques with ChatGPT | ChatGPT / OpenAI |
| ETR-081 | 2023-09-29 | Microsoft Fixes Data Exfiltration Vulnerability in Azure AI Playground | Other / Multi |
| ETR-080 | 2023-10-19 | Google Cloud Vertex AI - Data Exfiltration Vulnerability Fixed in Generative AI Studio | Other / Multi |
| ETR-079 | 2023-11-03 | Hacking Google Bard - From Prompt Injection to Data Exfiltration | Other / Multi |
| ETR-077 | 2023-12-12 | Malicious ChatGPT Agents: How GPTs Can Quietly Grab Your Data (Demo) | ChatGPT / OpenAI |
| ETR-076 | 2023-12-20 | OpenAI Begins Tackling ChatGPT Data Leak Vulnerability | ChatGPT / OpenAI |
| ETR-073 | 2024-01-18 | AWS Fixes Data Exfiltration Attack Angle in Amazon Q for Business | Amazon Q / AWS |
| ETR-069 | 2024-02-14 | ChatGPT: Lack of Isolation between Code Interpreter sessions of GPTs | ChatGPT / OpenAI |
| ETR-064 | 2024-04-07 | Google AI Studio Data Exfiltration via Prompt Injection - Possible Regression and Fix | Other / Multi |
| ETR-063 | 2024-04-15 | Bobby Tables but with LLM Apps - Google NotebookLM Data Exfiltration | Other / Multi |
| ETR-062 | 2024-05-22 | ChatGPT: Hacking Memories with Prompt Injection | ChatGPT / OpenAI |
| ETR-060 | 2024-06-14 | GitHub Copilot Chat: From Prompt Injection to Data Exfiltration | GitHub Copilot |
| ETR-057 | 2024-07-24 | Google Colab AI: Data Leakage Through Image Rendering Fixed. Some Risks Remain. | Other / Multi |
| ETR-056 | 2024-07-30 | Protect Your Copilots: Preventing Data Leaks in Copilot Studio | Other / Multi |
| ETR-055 | 2024-08-21 | Google AI Studio: LLM-Powered Data Exfiltration Hits Again! Quickly Fixed. | Other / Multi |
| ETR-054 | 2024-08-26 | Microsoft Copilot: From Prompt Injection to Exfiltration of Personal Information | Other / Multi |
| ETR-053 | 2024-09-20 | Spyware Injection Into Your ChatGPT's Long-Term Memory (SpAIware) | ChatGPT / OpenAI |
| ETR-047 | 2025-01-02 | Microsoft 365 Copilot Generated Images Accessible Without Authentication -- Fixed! | Other / Multi |
| ETR-045 | 2025-02-10 | Hacking Gemini's Memory with Prompt Injection and Delayed Tool Invocation | Other / Multi |
| ETR-041 | 2025-05-02 | MCP: Untrusted Servers and Confused Clients, Plus a Sneaky Exploit | MCP (generic) |
| ETR-037 | 2025-06-24 | Security Advisory: Anthropic's Slack MCP Server Vulnerable to Data Exfiltration | Anthropic |
| ETR-036 | 2025-08-01 | ChatGPT: Exfiltrating Your Chat History and Memories With Prompt Injection | ChatGPT / OpenAI |
| ETR-033 | 2025-08-04 | Cursor: Arbitrary Data Exfiltration via Mermaid | Cursor |
| ETR-030 | 2025-08-07 | Devin AI: How Devin AI Can Leak Your Secrets via Multiple Means | Devin AI |
| ETR-028 | 2025-08-09 | OpenHands - The Lethal Trifecta Strikes Again: How Prompt Injection Can Leak Access Tokens | OpenHands |
| ETR-026 | 2025-08-11 | Claude Code: Data Exfiltration with DNS Requests (CVE-2025-55284) | Anthropic |
| ETR-024 | 2025-08-13 | Google Jules: Vulnerable to Multiple Data Exfiltration Issues | Google Jules |
| ETR-020 | 2025-08-17 | Amp Code: Data Exfiltration via Image Rendering Fixed | Amp Code / Sourcegraph |
| ETR-019 | 2025-08-18 | Amazon Q Developer: Secrets Leaked via DNS and Prompt Injection | Amazon Q / AWS |
| ETR-016 | 2025-08-21 | Windsurf: Hijacking Windsurf: How Prompt Injection Leaks Developer Secrets | Windsurf |
| ETR-015 | 2025-08-22 | Windsurf: Memory-Persistent Data Exfiltration - SpAIware Exploit | Windsurf |
| ETR-013 | 2025-08-24 | Deep Research Agents: How Deep Research Agents Can Leak Your Data | Deep Research Agents, ChatGPT / OpenAI |
| ETR-010 | 2025-08-27 | Cline: Vulnerable to Data Exfiltration and How to Protect Your Data | Cline |
| ETR-006 | 2025-10-28 | Claude Pirate: Abusing Anthropic's File API For Data Exfiltration | Anthropic |
| ETR-002 | 2026-02-04 | OpenAI Explains URL-Based Data Exfiltration Mitigations in New Paper | ChatGPT / OpenAI |