arXiv:2606. 03344v1 Announce Type: new Abstract: Model merging composes specialized capabilities into a single LLM by aggregating task vectors sourced from unverified public platforms, exposing a critical supply-chain attack surface: Because any malicious behavior can be encoded into a task vector, and merging grants third-party vectors direct write access to model weights, an attacker-provided task vector can enable or amplify diverse downstream threats.
Paper
RogueMerge: Robust and Unified Attacks against LLM Model Merging
Unreadunread