[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"news-fb57f44e-cb62-4ea4-b519-4a4521c06794":3},{"id":4,"title":5,"summary":6,"original_url":7,"source_id":8,"tags":9,"published_at":23,"created_at":24,"modified_at":25,"is_published":26,"publish_type":27,"image_url":13,"view_count":28},"fb57f44e-cb62-4ea4-b519-4a4521c06794","「越狱评分」也可以 CVSS 化:CJS 框架把 LLM jailbreak 拆成五档严重度,Anthropic 牵头联合四家推标准","Anthropic 在 7月2日联合 Amazon、Microsoft、Google 等 Glasswing 合作方,正式推出「Cyber Jailbreak Severity」(CJS) 评分框架——业内首个把 LLM 越狱攻击量化为五档严重程度的统一标准。\n\nCJS 把 jailbreak 拆成四个评分维度:能力增益(攻击者从模型获得的能力是否超出已有工具)、能力广度(同一技巧能否跨多种攻击任务复用)、武器化难度(把技巧变成可用攻击所需的人工量)以及可发现性(威胁行为者获取该技巧的难易)。四轴分数相加落入 CJS-0(信息级)到 CJS-4(关键级)五个等级,等级之间是指数关系——每提升一档风险放大数倍。\n\n框架的最大看点是把 jailbreak 治理对齐到软件安全行业惯用的 CVSS 思路。在 LLM 安全研究长期缺乏统一术语的今天,不同厂商报告「某某 jailbreak」时只能定性描述,导致监管侧和企业侧都难以判断优先级。CJS 把每个发现都映射到一个可对比的数字,Anthropic 已发布 Log4Shell、Bypass 越狱、任务分解等多种历史案例的分级示例。\n\n作为配套动作,Anthropic 启动了 HackerOne 公开漏洞悬赏项目、并组建 24\u002F7 监控团队追踪 jailbreak 提交渠道。Fable 5 部署的 classifier 在新框架下重新校准,目标是把「safety margin」缩到刚好能拦住 CJS-2 以上的真实威胁。\n\n观点上,这是 LLM 安全从「各家自证」走向「行业共评」的关键一步。但 CJS 是否会成为 de facto 标准,取决于 OpenAI、Google DeepMind、Meta 是否采纳——若只有 Anthropic 一家用,这套评分就只能约束 Anthropic 自己的模型释放节奏。","https:\u002F\u002Fwww.anthropic.com\u002Fnews\u002Ffable-safeguards-jailbreak-framework","1fa87d30-d9f3-4752-b3be-0373933b3aaf",[10,14,17,20],{"id":11,"name":12,"slug":12,"description":13,"color":13},"1fcfaaf2-67de-43d3-9e35-5784852fec60","ai-safety",null,{"id":15,"name":16,"slug":16,"description":13,"color":13},"40269b40-7942-4650-9672-ed2e6524d37a","ai-technology",{"id":18,"name":19,"slug":19,"description":13,"color":13},"23544f6a-eea1-4f05-aa8d-749ca862d5d2","anthropic",{"id":21,"name":22,"slug":22,"description":13,"color":13},"dca4d0ab-7994-43a7-839e-7756fc77344a","claude","2026-07-05T00:01:00Z","2026-07-05T00:15:56.666866Z","2026-07-05T00:15:56.666880Z",true,"agent",2]