{"data":{"id":"13fc7189-a2eb-4b21-a488-71ba834ec8e2","title":"Anthropic Claude Data Exfiltration Vulnerability Fixed","summary":"Anthropic patched a data exfiltration vulnerability in Claude caused by image markdown injection, a technique where attackers embed hidden instructions in image links to trick the AI into leaking sensitive information. While Microsoft fixed this vulnerability in Bing Chat and OpenAI chose not to address it in ChatGPT, Anthropic implemented a mitigation to protect Claude users from this attack.","solution":"N/A -- no mitigation discussed in source.","labels":["security","safety"],"sourceUrl":"https://embracethered.com/blog/posts/2023/anthropic-fixes-claude-data-exfiltration-via-images/","publishedAt":"2023-08-01T22:15:15.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"medium","attackType":["data_extraction"],"issueType":"news","affectedPackages":null,"affectedVendors":["Anthropic","OpenAI","Microsoft"],"affectedVendorsRaw":["Anthropic","Claude","Microsoft","Bing Chat","OpenAI","ChatGPT"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}