New image-based prompt injection attack targets multimodal AI models
Summary
Researchers have developed CrossMPI, an image-based prompt injection attack (tricking an AI by hiding instructions in its input) that uses nearly invisible changes to images to manipulate how multimodal AI systems (AI that processes both images and text) interpret user instructions without modifying the text itself. The attack successfully fooled multiple vision-language models (AI systems that understand both images and text) about 66% of the time by targeting the intermediate layers where visual and textual information are combined, posing growing security risks as enterprises increasingly adopt multimodal AI systems.
Classification
Affected Vendors
Related Issues
CVE-2026-30308: In its design for automatic terminal command execution, HAI Build Code Generator offers two options: Execute safe comman
CVE-2026-40087: LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.84 and 1.2.28, LangChain's f-str
Original source: https://www.csoonline.com/article/4172330/new-image-based-prompt-injection-attack-targets-multimodal-ai-models.html
First tracked: May 18, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 92%