# From Untrusted Input to Trusted Memory: A Systematic Study of Memory Poisoning Attacks in LLM Agents

**Source:** https://arxiv.org/abs/2606.04329  
**Authors or institution:** Pritam Dash, Tongyu Ge, Aditi Jain, Tanmay Shah, Zhiwei Shang  
**Publication date:** 2026-06-03  
**Publication status:** arXiv preprint  
**Evidence level:** Emerging evidence  
**Date last reviewed in UTC:** 2026-06-26T00:00:00Z

## Direct findings or source content

Persistent memory can turn untrusted interaction into long-lived influence over future behavior.

## Cognivirus interpretation

For Cognivirus.com, this source is used to examine risk at the level of adaptive systems, component compositions, evaluator boundaries, and behavioral persistence. The site interpretation is narrower than the source when the source is experimental, and more explicitly qualified when the source is architectural or programmatic.

## Limits

Very recent preprint; benchmark representativeness and defenses need review. That all memory systems are equally vulnerable or that cleanup is impossible.

## Source handling

This local file is an original summary and metadata record. It is not a copy of the source paper, report, or website. Copyrighted source material is not reproduced in full.