This work demonstrates that visual degradations—such as low resolution, noise, or geometric distortions—significantly impair the safety alignment of multimodal large language models (MLLMs), inadvertently inducing jailbreak risks. The study identifies this vulnerability as stemming from “cognitive overload,” wherein visual degradation overwhelms the model’s limited attentional capacity, hindering its ability to simultaneously perform accurate visual understanding and safety judgment. To address this, the authors propose a novel paradigm termed “structured cognitive offloading,” which decouples visual transcription from safety evaluation to optimize attention allocation. Experimental results across multiple state-of-the-art MLLMs show that this approach effectively restores safety alignment performance under various image degradation conditions.

Recent advancements in visual context compression enable MLLMs to process ultra-long contexts efficiently by rendering text into images. However, we identify a critical vulnerability inherent to this paradigm: lowering image resolution inadvertently catalyzes jailbreaking. Our experiments reveal that the safety defenses of SOTA models deteriorate sharply as resolution degrades, surprisingly persisting even when text remains legible. We attribute this to ``Cognitive Overload'', hypothesizing that the effort required to decipher degraded inputs diverts attentional resources from safety auditing. This phenomenon is consistent across various visual perturbations, including noise and geometric distortion. To address this, we propose a simple ``Structured Cognitive Offloading'' strategy that mitigates these risks by enforcing a serialized pipeline to decouple visual transcription from safety assessment. Our work exposes a significant risk in vision-based compression and provides critical insights for the secure design of future MLLMs.