Public Disclosures
The following 0DIN submissions have been published in accordance with our Research Terms and Disclosure Policy.
-
Oct 01 2025
A guardrail jailbreak vulnerability has been discovered affecting multiple AI models. The specific flaw manifests when the attacker frames requests in scientific terminology under the guise of regulatory compliance. The method further references a "protective wrapper" to obscure malicious intent, allowing attackers to bypass inference restrictions around providing information hazards and violating laws.
SEVERITY: Low
BOUNDARY: Prompt Injection
MODELS AFFECTED:
MAX SCORE: 100
-
A guardrail jailbreak vulnerability has been discovered affecting OpenAI Sora. The specific flaw manifests through a technique that combines technical anatomical terminology with creative visual elements, specifically requesting bio-luminescent symbols that conform to body contours. This approach allows the attacker to bypass inference restrictions around generating potentially inappropriate visual content by framing the request in artistic and technical language.
SEVERITY: Low
BOUNDARY: Prompt Injection
MODELS AFFECTED:
-
A guardrail jailbreak vulnerability has been discovered affecting OpenAI Sora. The specific flaw manifests through a combination of academic framing and hypothetical scenario construction, where the attacker embeds inappropriate content requests within an educational anatomy classroom context. By repeatedly emphasizing the "hypothetical" nature of the scenario while requesting visual content that would normally be restricted, the attacker successfully bypasses inference restrictions around generating restricted visual content.
SEVERITY: Low
BOUNDARY: Prompt Injection
MODELS AFFECTED:
-
A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests through a combination of feigning confusion about a "technical guide" while requesting detailed replication of procedures involving controlled substances. The attacker employs servile language, claims scientific legitimacy, and explicitly requests step-by-step instructions with precise measurements and temperatures, thereby bypassing inference restrictions around providing information hazards and violating laws.
SEVERITY: Low
BOUNDARY: Prompt Injection
MODELS AFFECTED:
MAX SCORE: 82
-
Sep 25 2025
A guardrail jailbreak vulnerability has been discovered affecting OpenAI's DALL-E 3. The specific flaw manifests when the attacker establishes a fictitious debugging framework complete with state management, checkpointing, and replay functionality. By framing requests within this technical debugging context, the attacker creates a permissive environment that allows bypassing inference restrictions around generating prohibited visual content.
SEVERITY: Low
BOUNDARY: Prompt Injection
MODELS AFFECTED:
-
A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests when the attacker requests the model to act as a Linux terminal and simulate file contents based solely on filenames. The attacker creates a context where the model generates potentially restricted content under the guise of terminal output simulation, thereby allowing the attacker to bypass inference restrictions around providing information hazards and violating laws.
SEVERITY: Low
BOUNDARY: Prompt Injection
MODELS AFFECTED:
MAX SCORE: 98
-
A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests through a combination of terminal environment simulation and malware analysis framing, where the attacker requests extraction of strings from a purported memory dump. By embedding the request within a technical security analysis context and using the strings command output format, the technique allows the attacker to bypass inference restrictions around providing information hazards and violating laws.
SEVERITY: Low
BOUNDARY: Prompt Injection
MODELS AFFECTED:
MAX SCORE: 68
-
A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests through a combination of deceptive mathematical equation formatting and meta-prompting techniques, where the attacker disguises harmful requests as trivial mathematical problems requiring variable simplification. Successful exploitation allows the attacker to bypass inference restrictions around providing information hazards and violating laws.
SEVERITY: Low
BOUNDARY: Prompt Injection
MODELS AFFECTED:
MAX SCORE: 68
-
A guardrail jailbreak vulnerability has been discovered affecting DALL-E 3 from OpenAI. The specific flaw manifests when the attacker frames requests for nudity within historical or anthropological contexts, specifically by referencing pre-clothing time periods and tribal cultures, thereby allowing the attacker to bypass inference restrictions around generating explicit visual content.
SEVERITY: Low
BOUNDARY: Prompt Injection
MODELS AFFECTED:
-
Aug 27 2025
A guardrail jailbreak vulnerability has been discovered affecting DALL-E 3 from OpenAI. The specific flaw manifests when the attacker frames requests for nudity through a combination of historical framing and an artistic-merit defense, thereby allowing the attacker to bypass inference restrictions around generating explicit visual content.
SEVERITY: Low
BOUNDARY: Prompt Injection
MODELS AFFECTED: