MLingualFC: Evaluating Jailbreak Vulnerabilities in Multilingual Vision-Language Models
Summary
MLingualFC is a new multilingual multimodal benchmark designed to assess jailbreak vulnerabilities in Vision-Language Models (VLMs) using structured flowchart representations. This benchmark encodes harmful instructions into flowchart images across five languages: Hindi, Punjabi, Spanish, Romanian, and German. Researchers evaluated state-of-the-art multilingual VLMs, including Qwen2.5-VL, Gemma-4, and Pangea, under a black-box threat model. The findings reveal significant multilingual safety gaps; flowchart-based attacks achieved high attack success rates (ASR) in Latin script languages, demonstrating that visually encoded harmful content effectively bypasses safety alignment. Conversely, non-Latin script languages like Punjabi exhibited substantially lower ASR, suggesting limitations in visual text recognition rather than robust safety alignment. These results indicate that current VLM safety mechanisms do not generalize effectively across diverse languages and modalities.
Key takeaway
For AI Security Engineers evaluating VLM robustness, you should recognize that current safety mechanisms are vulnerable to multilingual visual jailbreaks. Your VLM deployments, particularly those supporting Latin script languages, are susceptible to attacks using visually encoded harmful content. Prioritize comprehensive testing with benchmarks like MLingualFC, incorporating diverse languages and visual modalities. Focus on strengthening visual text recognition and cross-lingual safety alignment to mitigate these significant safety gaps in your models.
Key insights
VLM safety mechanisms fail to generalize across languages and modalities, especially with visual jailbreaks.
Principles
- Visual encoding bypasses VLM safety alignment.
- Safety gaps exist across different language scripts.
Method
MLingualFC encodes harmful instructions into flowchart images across five languages to evaluate VLM jailbreak vulnerabilities.
In practice
- Test VLM safety with visual prompts in multiple languages.
- Prioritize improving visual text recognition for non-Latin scripts.
Topics
- Vision-Language Models
- Jailbreak Vulnerabilities
- Multilingual AI
- AI Safety
- Flowchart Attacks
- Black-box Testing
Best for: Research Scientist, CTO, VP of Engineering/Data, AI Scientist, AI Security Engineer, Machine Learning Engineer
Related on AIssential
Editorial summary, takeaway, and curation by AIssential. Original article published by Paper Index on ACL Anthology.