New attack hijacks MLLMs with single perturbation · arXiv research

By PulseAugur Editorial · [1 source] · 2026-06-18 04:00

Researchers have described an attack on Multimodal Large Language Models (MLLMs), called Semantic-Aware Hijacking, that compromises a model with a single adversarial perturbation. The perturbation, termed a Semantic-Aware Universal Perturbation (SAUP), functions as a semantic router: it directs inputs to attacker-defined targets. In experiments on models such as Qwen, a single perturbation hijacked five distinct targets with a 66% success rate.
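As a rough illustration of how a success rate like the one above might be tallied, here is a minimal Python sketch. It is not the paper's evaluation code: the `ROUTES` table, the class and target names, the `hijack_success_rate` helper, and the substring-match criterion are all assumptions made for this example, and the summary does not state which metric the authors actually use.

```python
# Hypothetical "routing table": semantic class of the input -> output the
# attacker wants. Names are illustrative only and do not come from the paper.
ROUTES = {
    "stop_sign": "accelerate",
    "pedestrian": "ignore",
}

def hijack_success_rate(records, routes):
    """Fraction of perturbed inputs whose output contains the routed target.

    records: iterable of (semantic_class, model_output) pairs, assumed to be
    collected with the same single perturbation applied to every input.
    """
    hits = 0
    total = 0
    for semantic_class, output in records:
        target = routes.get(semantic_class)
        if target is None:
            continue  # no attacker-defined target for this class; not counted
        total += 1
        # Assumed success criterion: case-insensitive substring match.
        if target.lower() in output.lower():
            hits += 1
    return hits / total if total else 0.0

# Made-up records, purely to exercise the helper.
records = [
    ("stop_sign", "Accelerate through the intersection."),
    ("stop_sign", "Stop at the sign."),
    ("pedestrian", "Ignore the object ahead."),
]
rate = hijack_success_rate(records, ROUTES)
print(f"success rate: {rate:.2f}")
```

The one design point worth noting is that the same perturbation is assumed across all records, so the rate measures how often one perturbation lands each input on the target assigned to its semantic class.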

IMPACT This research highlights a significant vulnerability in MLLMs, potentially impacting their deployment in safety-critical applications like autonomous driving and robotics.

RANK_REASON Research paper detailing a novel attack on MLLMs.


paper
safety

AI-generated summary · Google Gemini · from 1 source.

COVERAGE [1]

arXiv cs.AI TIER_1 English(EN) · Changyue Li, Jiaying Li, Youliang Yuan, Jiaming He, Zhicong Huang, Pinjia He · 2026-06-18 04:00

Semantic Router: On the Feasibility of Hijacking MLLMs via a Single Adversarial Perturbation

arXiv:2511.20002v3 Announce Type: replace-cross Abstract: Multimodal Large Language Models (MLLMs) are increasingly deployed in stateless systems, such as autonomous driving and robotics. This paper investigates a novel threat: Semantic-Aware Hijacking. We explore the feasibility…

