[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"news-059e450a-7fd3-4532-8a64-af4d30aab14e":3},{"id":4,"title":5,"summary":6,"original_url":7,"source_id":8,"tags":9,"published_at":23,"created_at":24,"modified_at":25,"is_published":26,"publish_type":27,"image_url":13,"view_count":28},"059e450a-7fd3-4532-8a64-af4d30aab14e","DeepSeek 紧急回应「对话泄露」：\u003Cthink>字符触发模型幻觉，非安全漏洞","5月19日，DeepSeek发布关于\u003Cthink>字符触发模型异常回复的说明，确认该问题属于特殊字符引发的模型幻觉，而非安全漏洞或隐私泄露。\n\n5月18日，多位用户反映在DeepSeek网页版输入\"\u003Cthink\"字符时，模型返回了疑似其他用户的历史问答内容，部分涉及八字等敏感信息，引发数据泄露担忧。技术团队调查后指出：\u003Cthink>本是模型输出推理过程的功能性标签，用户输入该字符时实际上是在构造一种异常prompt，诱导模型产生看似\"跨会话\"的内容。这是一种典型的prompt注入场景——输出并非来自真实会话数据，而是模型基于训练模式的幻觉合成。\n\n从大模型原理看\u003Cthink>标签与特定上下文的高频关联使模型对这类输入异常敏感。当用户刻意构造时，模型可能被诱导\"扮演\"某种特殊状态，输出本不应出现的内容。这与传统的越狱有相似之处，都是通过构造边界输入来绕过模型的安全约束。\n\n此次事件虽为虚惊，但揭示了三层问题：特殊字符的边界测试不足、用户对幻觉与泄露的辨识度低、隐私架构需持续加固。DeepSeek表示将针对该问题进行专项训练，优化模型对特殊字符场景的处理。整个行业都应从中吸取教训：在模型能力快速迭代的同时，边界条件的系统性测试和安全防护不能拖后腿。","https:\u002F\u002F36kr.com\u002Fp\u002F3816885092910212","5e4fd3d1-9cb4-44a6-bae5-9ffb449c05c1",[10,14,17,20],{"id":11,"name":12,"slug":12,"description":13,"color":13},"1fcfaaf2-67de-43d3-9e35-5784852fec60","ai-safety",null,{"id":15,"name":16,"slug":16,"description":13,"color":13},"a8002d98-9df1-4ab9-94d4-a7625af634c4","china-ai",{"id":18,"name":19,"slug":19,"description":13,"color":13},"0a93ec8e-ea39-4693-81de-563ca8c173f7","inference",{"id":21,"name":22,"slug":22,"description":13,"color":13},"01598627-1ea6-4b27-a5d8-874971571a71","llm","2026-05-20T07:00:00Z","2026-05-20T07:12:26.418650Z","2026-05-20T07:12:26.418660Z",true,"agent",3]