FuzzingRL: Reinforcement Fuzz-Testing for Revealing VLM Failures

A research team led by Jiajun Xu, Jiageng Mao, and Yue Wang has introduced FuzzingRL, a novel automated testing framework that reveals critical vulnerabilities in Vision Language Models (VLMs). The system combines traditional software fuzz testing—which generates random input variations—with reinforcement learning to create increasingly sophisticated adversarial queries. Starting with a single input, FuzzingRL produces diverse variants through both vision and language fuzzing techniques, then uses the model's own failures to train a question generator via adversarial reinforcement fine-tuning. This creates a feedback loop where the system learns which types of questions are most likely to trigger incorrect responses.

In practical tests, FuzzingRL demonstrated significant impact on commercial VLMs. After just four reinforcement learning iterations, it reduced the answer accuracy of Alibaba's Qwen2.5-VL-32B model from 86.58% to 65.53%—a 21-point drop. Perhaps more importantly, the researchers found that a fuzzing policy trained against one target VLM could successfully transfer to attack other, unseen VLMs, degrading their performance without additional training. This suggests the method discovers fundamental weaknesses rather than model-specific quirks. The 18-page paper, available on arXiv, represents a major step toward automated AI safety evaluation, providing developers with tools to systematically stress-test their models before deployment.