Saved in:
Bibliographic Details
Main Authors: Zhang, Chaoshuo, Liang, Yibo, Tian, Mengke, Lin, Chenhao, Zhao, Zhengyu, Yang, Le, Zhang, Chong, Zhang, Yang, Shen, Chao
Format: Preprint
Published: 2026
Subjects:
Online Access:https://arxiv.org/abs/2604.15967
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866911601699848192
author Zhang, Chaoshuo
Liang, Yibo
Tian, Mengke
Lin, Chenhao
Zhao, Zhengyu
Yang, Le
Zhang, Chong
Zhang, Yang
Shen, Chao
author_facet Zhang, Chaoshuo
Liang, Yibo
Tian, Mengke
Lin, Chenhao
Zhao, Zhengyu
Yang, Le
Zhang, Chong
Zhang, Yang
Shen, Chao
contents Despite the remarkable synthesis capabilities of text-to-image (T2I) models, safeguarding them against content violations remains a persistent challenge. Existing safety alignments primarily focus on explicit malicious concepts, often overlooking the subtle yet critical risks of compositional semantics. To address this oversight, we identify and formalize a novel vulnerability: Multi-Concept Compositional Unsafety (MCCU), where unsafe semantics stem from the implicit associations of individually benign concepts. Based on this formulation, we introduce TwoHamsters, a comprehensive benchmark comprising 17.5k prompts curated to probe MCCU vulnerabilities. Through a rigorous evaluation of 10 state-of-the-art models and 16 defense mechanisms, our analysis yields 8 pivotal insights. In particular, we demonstrate that current T2I models and defense mechanisms face severe MCCU risks: on TwoHamsters, FLUX achieves an MCCU generation success rate of 99.52%, while LLaVA-Guard only attains a recall of 41.06%, highlighting a critical limitation of the current paradigm for managing hazardous compositional generation.
format Preprint
id arxiv_https___arxiv_org_abs_2604_15967
institution arXiv
publishDate 2026
record_format arxiv
spellingShingle TwoHamsters: Benchmarking Multi-Concept Compositional Unsafety in Text-to-Image Models
Zhang, Chaoshuo
Liang, Yibo
Tian, Mengke
Lin, Chenhao
Zhao, Zhengyu
Yang, Le
Zhang, Chong
Zhang, Yang
Shen, Chao
Cryptography and Security
Computer Vision and Pattern Recognition
Despite the remarkable synthesis capabilities of text-to-image (T2I) models, safeguarding them against content violations remains a persistent challenge. Existing safety alignments primarily focus on explicit malicious concepts, often overlooking the subtle yet critical risks of compositional semantics. To address this oversight, we identify and formalize a novel vulnerability: Multi-Concept Compositional Unsafety (MCCU), where unsafe semantics stem from the implicit associations of individually benign concepts. Based on this formulation, we introduce TwoHamsters, a comprehensive benchmark comprising 17.5k prompts curated to probe MCCU vulnerabilities. Through a rigorous evaluation of 10 state-of-the-art models and 16 defense mechanisms, our analysis yields 8 pivotal insights. In particular, we demonstrate that current T2I models and defense mechanisms face severe MCCU risks: on TwoHamsters, FLUX achieves an MCCU generation success rate of 99.52%, while LLaVA-Guard only attains a recall of 41.06%, highlighting a critical limitation of the current paradigm for managing hazardous compositional generation.
title TwoHamsters: Benchmarking Multi-Concept Compositional Unsafety in Text-to-Image Models
topic Cryptography and Security
Computer Vision and Pattern Recognition
url https://arxiv.org/abs/2604.15967