multimodal

Researchers demonstrate that safety-aligned multimodal LLMs can be reliably jailbroken by encoding adversarial instructions as text within images, bypassing text-layer safety filters that do not process image content through the same moderation pipeline.

Recent research demonstrates that vision-language models including GPT-4V, Gemini Pro Vision, and open-source alternatives are highly susceptible to adversarial image perturbations, with attacks transferring across models at rates significantly higher than classical vision model attacks.