Enregistré dans:
Détails bibliographiques
Auteurs principaux: Ortiz-Barajas, Jesus-German, Tonglet, Jonathan, Gupta, Vivek, Gurevych, Iryna
Format: Preprint
Publié: 2026
Sujets:
Accès en ligne:https://arxiv.org/abs/2601.12983
Tags: Ajouter un tag
Pas de tags, Soyez le premier à ajouter un tag!
_version_ 1866917361373675520
author Ortiz-Barajas, Jesus-German
Tonglet, Jonathan
Gupta, Vivek
Gurevych, Iryna
author_facet Ortiz-Barajas, Jesus-German
Tonglet, Jonathan
Gupta, Vivek
Gurevych, Iryna
contents Multimodal large language models (MLLMs) are increasingly used to automate chart generation from data tables, enabling efficient data analysis and reporting but also introducing new misuse risks. In this work, we introduce ChartAttack, a novel framework for evaluating how MLLMs can be misused to generate misleading charts at scale. ChartAttack injects misleaders into chart designs, aiming to induce incorrect interpretations of the underlying data. Furthermore, we create AttackViz, a chart question-answering (QA) dataset where each (chart specification, QA) pair is labeled with effective misleaders and their induced incorrect answers. ChartAttack significantly degrades QA performance, reducing MLLM accuracy by 17.2 points in-domain and 11.9 cross-domain. Preliminary human results (limited sample size) indicate a 20.2-point accuracy drop. Finally, we demonstrate that AttackViz can be used to fine-tune MLLMs to improve robustness against misleading charts. Our findings highlight an urgent need for robustness and security considerations in the design, evaluation, and deployment of MLLM-based chart generation systems. We make our code and data publicly available.
format Preprint
id arxiv_https___arxiv_org_abs_2601_12983
institution arXiv
publishDate 2026
record_format arxiv
spellingShingle ChartAttack: Testing the Vulnerability of LLMs to Malicious Prompting in Chart Generation
Ortiz-Barajas, Jesus-German
Tonglet, Jonathan
Gupta, Vivek
Gurevych, Iryna
Computation and Language
Multimodal large language models (MLLMs) are increasingly used to automate chart generation from data tables, enabling efficient data analysis and reporting but also introducing new misuse risks. In this work, we introduce ChartAttack, a novel framework for evaluating how MLLMs can be misused to generate misleading charts at scale. ChartAttack injects misleaders into chart designs, aiming to induce incorrect interpretations of the underlying data. Furthermore, we create AttackViz, a chart question-answering (QA) dataset where each (chart specification, QA) pair is labeled with effective misleaders and their induced incorrect answers. ChartAttack significantly degrades QA performance, reducing MLLM accuracy by 17.2 points in-domain and 11.9 cross-domain. Preliminary human results (limited sample size) indicate a 20.2-point accuracy drop. Finally, we demonstrate that AttackViz can be used to fine-tune MLLMs to improve robustness against misleading charts. Our findings highlight an urgent need for robustness and security considerations in the design, evaluation, and deployment of MLLM-based chart generation systems. We make our code and data publicly available.
title ChartAttack: Testing the Vulnerability of LLMs to Malicious Prompting in Chart Generation
topic Computation and Language
url https://arxiv.org/abs/2601.12983