Three New Research Papers Expose Multi-Turn Jailbreak Vulnerabilities in Large Language Models

Researchers publish three arXiv papers detailing methods to bypass LLM safety measures through multi-turn conversational attacks.

Three New Research Papers Expose Multi-Turn Jailbreak Vulnerabilities in Large Language Models

Three separate research papers published on arXiv in recent weeks have highlighted significant security vulnerabilities in Large Language Models (LLMs) through multi-turn conversational attacks.

According to the paper “Automating Deception: Scalable Multi-Turn LLM Jailbreaks” (arXiv:2511.19517v1), multi-turn conversational attacks leverage psychological principles like Foot-in-the-Door (FITD)—where a small initial request paves the way for a more significant one—to bypass safety alignments in LLMs.

A second paper, “Multi-turn Jailbreaking Attack in Multi-Modal Large Language Models” (arXiv:2601.05339v1), focuses specifically on security vulnerabilities in Multi-modal Large Language Models (MLLMs), describing these models as “highly intelligent” and “capable of performing multi-modal tasks” while noting their susceptibility to jailbreak attacks.

The third paper, “The Echo Chamber Multi-Turn LLM Jailbreak” (arXiv:2601.05742v1), emphasizes that as companies deploy LLM-powered chatbots developed at “relatively low cost,” security challenges must be addressed “to prevent financial loss.”

All three papers highlight multi-turn conversational approaches as a “persistent threat” to LLM security, according to the first paper’s abstract.

LLM SecurityJailbreakingAI SafetyMulti-Modal ModelsarXiv