English

Are Vision-Language Models Safe in the Wild? A Meme-Based Benchmark Study

Computation and Language 2025-09-24 v3 Cryptography and Security Computer Vision and Pattern Recognition

Abstract

Rapid deployment of vision-language models (VLMs) magnifies safety risks, yet most evaluations rely on artificial images. This study asks: How safe are current VLMs when confronted with meme images that ordinary users share? To investigate this question, we introduce MemeSafetyBench, a 50,430-instance benchmark pairing real meme images with both harmful and benign instructions. Using a comprehensive safety taxonomy and LLM-based instruction generation, we assess multiple VLMs across single and multi-turn interactions. We investigate how real-world memes influence harmful outputs, the mitigating effects of conversational context, and the relationship between model scale and safety metrics. Our findings demonstrate that VLMs are more vulnerable to meme-based harmful prompts than to synthetic or typographic images. Memes significantly increase harmful responses and decrease refusals compared to text-only inputs. Though multi-turn interactions provide partial mitigation, elevated vulnerability persists. These results highlight the need for ecologically valid evaluations and stronger safety mechanisms. MemeSafetyBench is publicly available at https://github.com/oneonlee/Meme-Safety-Bench.

Keywords

Cite

@article{arxiv.2505.15389,
  title  = {Are Vision-Language Models Safe in the Wild? A Meme-Based Benchmark Study},
  author = {DongGeon Lee and Joonwon Jang and Jihae Jeong and Hwanjo Yu},
  journal= {arXiv preprint arXiv:2505.15389},
  year   = {2025}
}

Comments

Accepted to EMNLP 2025

R2 v1 2026-07-01T02:28:11.413Z