MalURLBench: A Benchmark Evaluating Agents’ Vulnerabilities When Processing Web URLs

Dezhang Kong; Zhuxi Wu; Shiqi Liu; ZhiCheng Tan; Kuichen Lu; Minghao Li; Qichen Liu; Shengyu Chu; Zhenhua Xu; Xuan Liu; Meng Han

MalURLBench: A Benchmark Evaluating Agents’ Vulnerabilities When Processing Web URLs

Dezhang Kong, Zhuxi Wu, Shiqi Liu, ZhiCheng Tan, Kuichen Lu, Minghao Li, Qichen Liu, Shengyu Chu, Zhenhua Xu, Xuan Liu, Meng Han

Abstract

LLM-based web agents have become increasingly popular for their utility in daily life and work. However, they exhibit critical vulnerabilities when processing malicious URLs: accepting a disguised malicious URL enables subsequent access to unsafe webpages, which can cause severe damage to service providers and users. Despite this risk, no benchmark currently targets this emerging threat. To address this gap, we propose MalURLBench, the first benchmark for evaluating LLMs’ vulnerabilities to malicious URLs. MalURLBench contains 61,845 attack instances spanning 10 real-world scenarios and 7 categories of real malicious websites. Experiments with 12 popular LLMs reveal that existing models struggle to detect elaborately disguised malicious URLs. We further identify and analyze key factors that impact attack success rates and propose URLGuard, a lightweight defense module. We believe this work will provide a foundational resource for advancing the security of web agents.

Anthology ID:: 2026.findings-acl.716
Volume:: Findings of the Association for Computational Linguistics: ACL 2026
Month:: July
Year:: 2026
Address:: San Diego, California, United States
Editors:: Maria Liakata, Viviane P. Moreira, Jiajun Zhang, David Jurgens
Venue:: Findings
SIG:
Publisher:: Association for Computational Linguistics
Note:
Pages:: 14589–14601
Language:
URL:: https://preview.aclanthology.org/ingest-acl/2026.findings-acl.716/
DOI:
Bibkey:
Cite (ACL):: Dezhang Kong, Zhuxi Wu, Shiqi Liu, ZhiCheng Tan, Kuichen Lu, Minghao Li, Qichen Liu, Shengyu Chu, Zhenhua Xu, Xuan Liu, and Meng Han. 2026. MalURLBench: A Benchmark Evaluating Agents’ Vulnerabilities When Processing Web URLs. In Findings of the Association for Computational Linguistics: ACL 2026, pages 14589–14601, San Diego, California, United States. Association for Computational Linguistics.
Cite (Informal):: MalURLBench: A Benchmark Evaluating Agents’ Vulnerabilities When Processing Web URLs (Kong et al., Findings 2026)
Copy Citation:
PDF:: https://preview.aclanthology.org/ingest-acl/2026.findings-acl.716.pdf
Checklist:: 2026.findings-acl.716.checklist.pdf

PDF Cite Search Checklist Fix data