DeepKeep Reveals InkJect: New Visual Prompt Injection Vulnerability in AI Models

DeepKeep Reveals InkJect: New Visual Prompt Injection Vulnerability in AI Models

First seen 1 Jul 2026, 15:46 UTC PrnewswireMorningstarwww.prnewswire.comarxiv.org 97% similarity 66.5
Share:

Article Content

Browse articles
ThreatCluster

DeepKeep has identified a new visual prompt injection vulnerability named 'InkJect' that affects leading visual language models (VLMs) like OpenAI's GPT-5.2 and Anthropic's Claude Sonnet 4.6. This vulnerability allows malicious actors to embed hidden instructions within images, which VLMs process without detection, leading to unauthorized actions. The attack exploits a gap in existing security measures that focus on text-based prompt injections, leaving visual processing layers vulnerable. As enterprises increasingly adopt multimodal AI solutions, the risk associated with this vulnerability is expected to grow. DeepKeep's research highlights that this attack vector has received minimal academic attention, with only one prior paper addressing it. The hidden instructions can evade detection through techniques like white text on white backgrounds and distorted text perspectives. In tests, the vulnerability enabled an attacker to insert a backdoor into a website without the developer's knowledge.

Key Points: • InkJect vulnerability affects major VLMs, including OpenAI's GPT-5.2 and Claude Sonnet 4.6. • Malicious instructions can be embedded in images, bypassing existing security measures. • The vulnerability has received little academic attention, indicating a significant security gap.

ThreatCluster AI

Timeline

2026-07-01
DeepKeep announces InkJect vulnerability
DeepKeep reveals a new visual prompt injection vulnerability affecting leading VLMs, allowing unauthorized actions through hidden instructions in images.
Morningstar

Community

Browse all →