Meta AI Bug in Deployed Service Reportedly Allowed Potential Access to Other Users' Prompts and Responses
December 26, 2024
A security researcher reported a vulnerability in Meta AI's deployed chatbot service that, under certain conditions, could allow an unauthorized user to view another user's prompts and AI-generated responses. The flaw reportedly involved guessable prompt IDs and insufficient server-side authorization checks. Meta reportedly fixed the issue in January 2025 and found no evidence of malicious exploitation, awarding the researcher a bug bounty.
- Alleged deployer: meta
- Alleged developer: meta
- Alleged harmed parties: meta-users, general-public
Source
Data from the AI Incident Database (AIID). Cite this incident: https://incidentdatabase.ai/cite/1172
Data source
Incident data is from the AI Incident Database (AIID).
When citing the database as a whole, please use:
McGregor, S. (2021) Preventing Repeated Real World AI Failures by Cataloging Incidents: The AI Incident Database. In Proceedings of the Thirty-Third Annual Conference on Innovative Applications of Artificial Intelligence (IAAI-21). Virtual Conference.
We use weekly snapshots of the AIID for stable reference. For the official suggested citation of a specific incident, use the “Cite this incident” link on each incident page.