Beyond Static Rules: Automated Discovery of Latent Vulnerabilities in Text-to-SQL (2026.findings-acl)
Copied to clipboard
| Challenge: | Large Language Models (LLMs) have been successful in Text-to-SQL tasks, but their deployment in real-world environments is hindered by latent reliability issues. |
| Approach: | They propose a framework to autonomously uncover latent failure patterns in LLM-based Text-to-SQL generation. |
| Outcome: | The proposed framework uncovers a substantial number of failure cases on state-of-the-art open-source LLMs. |
Similar Papers
Stumbling Blocks: Stress Testing the Robustness of Machine-Generated Text Detectors Under Attacks (2024.acl-long)
Copied to clipboard
| Challenge: | Existing studies on this topic focus on the robustness of specific detectors or particular attack methods. |
| Approach: | They stress test the detectors’ robustness to malicious attacks under realistic scenarios using LLMs and metric-based detectors. |
| Outcome: | The proposed methods are based on a set of LLM-based models and their performance is compared under different budget levels. |
Solid-SQL: Enhanced Schema-linking based In-context Learning for Robust Text-to-SQL (2025.coling-main)
Copied to clipboard
| Challenge: | Existing text-to-SQL approaches have overlooked the critical aspect of system robustness. |
| Approach: | They propose a robust text-to-SQL solution that integrates with LLMs . their method achieves SOTA SQL execution accuracy levels of 82.1% and 58.9% . |
| Outcome: | The proposed solution achieves SOTA SQL execution accuracy levels of 82.1% and 58.9% on the general Spider and Bird benchmarks. |
SAFE-SQL: Self-Augmented In-Context Learning with Fine-grained Example Selection for Text-to-SQL (2025.emnlp-main)
Copied to clipboard
| Challenge: | Text-to-SQL aims to convert natural language questions into executable SQL queries. |
| Approach: | They propose a framework that generates and filters self-augmented examples for SQL generation . using self-generated examples, they surpass previous zero-shot and few-shot frameworks . |
| Outcome: | The proposed framework surpasses the previous zero-shot and few-shot frameworks, achieving higher execution accuracy. |
Vulnerabilities of Large Language Models to Adversarial Attacks (2024.acl-tutorials)
Copied to clipboard
| Challenge: | This tutorial focuses on the vulnerabilities of Large Language Models to adversarial attacks . the tutorial lays the foundation by explaining safety-aligned models and concepts in cybersecurity . |
| Approach: | This tutorial lays the foundation by explaining safety-aligned LLMs and concepts in cybersecurity. |
| Outcome: | The tutorial lays the foundation by explaining safety-aligned models and concepts in cybersecurity. |
AutoDetect: Towards a Unified Framework for Automated Weakness Detection in Large Language Models (2024.findings-emnlp)
Copied to clipboard
Jiale Cheng, Yida Lu, Xiaotao Gu, Pei Ke, Xiao Liu, Yuxiao Dong, Hongning Wang, Jie Tang, Minlie Huang
| Challenge: | Large Language Models (LLMs) exhibit significant but subtle weaknesses, such as mistakes in instruction-following or coding tasks. |
| Approach: | They propose a framework to automatically expose weaknesses in Large Language Models (LLMs) they use three LLM-powered agents to perform comprehensive weakness identification . |
| Outcome: | The proposed framework shows that it is more effective than untargeted data augmentation methods like Self-Instruct to identify weaknesses in LLMs. |
Learning from Failures: Error Notebook-guided Secure Code Generation (2026.findings-acl)
Copied to clipboard
| Challenge: | Existing security code generation methods rely on abstract security knowledge, resulting in suboptimal security. |
| Approach: | They propose a framework that integrates a Security Error Notebook and a Function Erro Notebook to provide concrete, actionable guidance to LLMs. |
| Outcome: | The proposed framework achieves a substantial leap in SP@1 metric, with GPT-4o-mini performance improving from 60.21% to 66.7% on CodeGuard+. |
StealthGraph: Exposing Domain-Specific Risks in LLMs through Knowledge-Graph-Guided Harmful Prompt Generation (2026.acl-long)
Copied to clipboard
| Challenge: | Domain-specific datasets of harmful prompts are scarce and often rely on manual construction. Existing efforts to improve domain knowledge and reduce harmful prompt generation are lacking. |
| Approach: | They propose a framework that transforms domain knowledge into actionable constraints and increases the implicitness of generated harmful prompts. |
| Outcome: | The proposed framework yields high-quality datasets combining strong domain relevance with implicitness, enabling more realistic red-teaming and advancing LLM safety research. |
From Insight to Exploit: Leveraging LLM Collaboration for Adaptive Adversarial Text Generation (2025.findings-emnlp)
Copied to clipboard
| Challenge: | LLMs can provide substantial zero-shot performance on diverse tasks, but it is crucial to assess their robustness against adversarial inputs. |
| Approach: | They introduce Static Deceptor and Dynamic Deceptr to generate adversarial examples . they produce subtle and natural-looking adversarials that preserve semantic similarity to text . |
| Outcome: | The proposed attacks are based on two LLM-based attacks that generate natural-looking examples that deceive the target LLM. |
Beneath the Facade: Probing Safety Vulnerabilities in LLMs via Auto-Generated Jailbreak Prompts (2025.findings-emnlp)
Copied to clipboard
| Challenge: | a gap exists in systematic assessment of real-world safety risks . a lack of evaluation frameworks to keep pace with the breadth and variability of real risk factors. |
| Approach: | They propose a framework that assesses security vulnerabilities by deriving scenario-driven jailbreak prompts using an adversarial agent. |
| Outcome: | The proposed framework detects vulnerabilities in scenario-driven jailbreak prompt generation . it supports plug-and-play jailbreak strategies and adapts seamlessly to multimodal settings. |
Boosting Vulnerability Detection of LLMs via Curriculum Preference Optimization with Synthetic Reasoning Data (2025.findings-acl)
Copied to clipboard
| Challenge: | Large language models (LLMs) are capable of detecting software vulnerabilities, but lack of reasoning data hinders their ability to capture underlying vulnerability patterns. |
| Approach: | They propose a framework that excels at mining vulnerability patterns through reasoning data synthesizing and vulnerability-specific preference optimization. |
| Outcome: | The proposed framework improves on SVEN and PrimeVul datasets and improves 12.24%-22.77% accuracy. |