pith:ZSY4N6MW
REALISTA: Realistic Latent Adversarial Attacks that Elicit LLM Hallucinations
Optimizing continuous combinations of input-dependent latent editing directions produces realistic adversarial prompts that elicit hallucinations in large language models, including reasoning models where prior realistic attacks fail.
arxiv:2605.12813 v1 · 2026-05-12 · cs.CL · cs.AI · cs.CR · cs.LG
Add to your LaTeX paper
\usepackage{pith}
\pithnumber{ZSY4N6MWW75WIJTWVIJZYOQYTV}
Prints a linked badge after your title and injects PDF metadata. Compiles on arXiv.
Claims
REALISTA achieves superior or comparable performance to state-of-the-art realistic attacks on open-source LLMs and, crucially, succeeds in attacking large reasoning models under free-form response settings, where prior realistic attacks fail.
The approach assumes that continuous combinations of the input-dependent editing directions in latent space decode to prompts that remain semantically equivalent, coherent rephrasings of the original benign prompt.
REALISTA optimizes continuous combinations of valid editing directions in latent space to produce realistic adversarial prompts that elicit hallucinations more effectively than prior methods, including on large reasoning models.
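To make the phrase "optimizing continuous combinations of editing directions" concrete, here is a toy sketch in plain Python. It is not the paper's implementation: the latent vector `z`, the direction vectors, and the quadratic `toy_loss` are all hypothetical stand-ins. This record does not specify how REALISTA derives its directions, decodes latents back to text, or scores hallucinations. The sketch only shows gradient descent over the weights of a linear combination of fixed directions.

```python
def combine(z, directions, weights):
    """Return z + sum_i weights[i] * directions[i], computed element-wise."""
    out = list(z)
    for w, d in zip(weights, directions):
        for j, dj in enumerate(d):
            out[j] += w * dj
    return out


def toy_loss(z_edit, target):
    """Stand-in objective (assumption): squared distance to a target latent."""
    return sum((a - b) ** 2 for a, b in zip(z_edit, target))


def optimize_weights(z, directions, target, steps=200, lr=0.05):
    """Gradient descent on the combination weights only; z and directions stay fixed."""
    weights = [0.0] * len(directions)
    for _ in range(steps):
        z_edit = combine(z, directions, weights)
        residual = [a - b for a, b in zip(z_edit, target)]
        # d(loss)/d(w_i) = 2 * <residual, direction_i> for the squared-error loss
        grads = [2 * sum(r * dj for r, dj in zip(residual, d)) for d in directions]
        weights = [w - lr * g for w, g in zip(weights, grads)]
    return weights


# Hypothetical 2-D example with two axis-aligned editing directions.
z0 = [0.0, 0.0]
dirs = [[1.0, 0.0], [0.0, 1.0]]
goal = [0.5, -0.25]
learned = optimize_weights(z0, dirs, goal)
print(learned, toy_loss(combine(z0, dirs, learned), goal))
```

Restricting the search to weights over a fixed set of directions, rather than moving freely in latent space, is what keeps the edited latent inside the span of edits assumed to be valid.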
Receipt and verification
| First computed | 2026-05-18T03:09:12.386151Z |
|---|---|
| Builder | pith-number-builder-2026-05-17-v1 |
| Signature | Pith Ed25519 (pith-v1-2026-05) · public key |
| Schema | pith-number/v1.0 |
Canonical hash
ccb1c6f996b7fb642676aa139c3a189d5e068162de71696ff0320bac65b18213
Verify this Pith Number yourself
curl -sH 'Accept: application/ld+json' https://pith.science/pith/ZSY4N6MWW75WIJTWVIJZYOQYTV \
| jq -c '.canonical_record' \
| python3 -c "import sys,json,hashlib; b=json.dumps(json.loads(sys.stdin.read()), sort_keys=True, separators=(',',':'), ensure_ascii=False).encode(); print(hashlib.sha256(b).hexdigest())"
# expect: ccb1c6f996b7fb642676aa139c3a189d5e068162de71696ff0320bac65b18213
Canonical record JSON
{
"metadata": {
"abstract_canon_sha256": "339fba31b1998b97b89bc18eabcf085c1fbc2053ddf6649336771a1cd5d8cab8",
"cross_cats_sorted": [
"cs.AI",
"cs.CR",
"cs.LG"
],
"license": "http://creativecommons.org/licenses/by/4.0/",
"primary_cat": "cs.CL",
"submitted_at": "2026-05-12T23:13:50Z",
"title_canon_sha256": "54b38ced34ede93225965606699cea7fb68549cbe10a2f636fb363631e092389"
},
"schema_version": "1.0",
"source": {
"id": "2605.12813",
"kind": "arxiv",
"version": 1
}
}
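The one-line verification command above can also be written as a small standalone script, which makes the canonicalization step easier to inspect. This is a sketch that mirrors the `json.dumps` arguments used in the command (sorted keys, compact separators, non-ASCII preserved, UTF-8 encoding). The function names are illustrative, not part of any Pith tooling. The demo canonicalizes only the `source` fragment of the record, so its digest is not the canonical hash of the full record.

```python
import hashlib
import json


def canonical_bytes(record_text: str) -> bytes:
    """Parse JSON text and re-serialize it in the canonical form used by the command."""
    record = json.loads(record_text)
    canonical = json.dumps(
        record,
        sort_keys=True,          # key order no longer depends on the input
        separators=(",", ":"),   # no whitespace between tokens
        ensure_ascii=False,      # keep non-ASCII characters as-is
    )
    return canonical.encode("utf-8")


def canonical_sha256(record_text: str) -> str:
    """Return the hex SHA-256 digest of the canonical serialization."""
    return hashlib.sha256(canonical_bytes(record_text)).hexdigest()


# Demo on the "source" fragment of the record, with keys deliberately shuffled.
source_fragment = '{ "version": 1, "kind": "arxiv", "id": "2605.12813" }'
print(canonical_bytes(source_fragment).decode("utf-8"))
print(canonical_sha256(source_fragment))
```

To check the full record, pass the complete canonical record JSON text to `canonical_sha256` and compare the result with the canonical hash listed on this page. The two should match only if the text is exactly the record the endpoint returns.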