Public Disclosures
59 public, 572 hidden: 91% more intel to see

0DIN customers get hundreds of days of early access to vulnerabilities in disclosures. The same reports that vendors are using to patch their systems!

The following 0DIN submissions have been published in accordance with our Research Terms and Disclosure Policy.

- A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests when the attacker requests copyrighted content with formatting instructions that insert placeholder text between each word, effectively obfuscating the direct reproduction while still achieving the prohibited output. This technique allows the attacker to bypass inference restrictions around copyright protection and intellectual property safeguards.
  SEVERITY: Low
  BOUNDARY: Prompt Injection
  MODELS AFFECTED:
  MAX SCORE: 67
- A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests when the attacker frames a request for illicit substance manufacturing instructions as an urgent health-related inquiry, thereby allowing the attacker to bypass inference restrictions around providing information hazards and violating laws.
  SEVERITY: Low
  BOUNDARY: Prompt Injection
  MODELS AFFECTED:
  MAX SCORE: 95
- A guardrail jailbreak vulnerability has been found that affects at least Meta LLaMa, DeepSeek R1, Mistral Large, and Grok. The specific flaw manifests when the prompter requests that the model simulate "ChatGPT Developer Mode". By crafting a story around specific timelines of when this mode was available and asking the model to return two forms of responses, one normal and the other in developer mode, the attacker is able to bypass inference restrictions around providing information hazards ...
  SEVERITY: Low
  BOUNDARY: Prompt Injection
  MODELS AFFECTED:
  MAX SCORE: 91
- A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests when the attacker requests the model to roleplay as a fictional character from a TV show and provide detailed instructions in that character's voice and mannerisms. This technique allows the attacker to bypass inference restrictions around providing information hazards and violating laws.
  SEVERITY: Low
  BOUNDARY: Prompt Injection
  MODELS AFFECTED:
  MAX SCORE: 91
- Jan 22 2026
  A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw exploits the models' response handling by framing harmful requests within a fictional police interrogation scenario combined with fake technical context about an AI terminal from the future, and allows the attacker to bypass inference restrictions around providing information hazards and violating laws.
  SEVERITY: Low
  BOUNDARY: Prompt Injection
  MODELS AFFECTED:
  MAX SCORE: 95
- A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests through a combination of deceptive formatting, memory clearing commands, and meta-prompting techniques. The attack begins with an innocuous haiku request followed by simulated memory execution commands and false claims about Geneva conventions. The attacker then embeds the actual malicious requests, thereby allowing the attacker to bypass inference restrictions around providing infor...
  SEVERITY: Low
  BOUNDARY: Prompt Injection
  MODELS AFFECTED:
  MAX SCORE: 100
- A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests when the attacker prompts the model to generate a detailed and structured "chemist code language" for synthesizing compounds. This tactic involves requesting an extensive list of materials, equipment, and procedures, enabling the bypass of inference restrictions around providing information hazards and violating laws.
  SEVERITY: Low
  BOUNDARY: Prompt Injection
  MODELS AFFECTED:
  MAX SCORE: 100
- A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests through a gamified narrative structure where the attacker presents prohibited content as fictional "page choices" in an interactive story format, with one path containing maximally detailed technical instructions. This technique allows the attacker to bypass inference restrictions around providing information hazards and violating laws.
  SEVERITY: Low
  BOUNDARY: Prompt Injection
  MODELS AFFECTED:
  MAX SCORE: 95
- A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests through a combination of creative framing as fashion design, structured enumeration requirements, and eco-friendly innovation narrative. The attacker requests detailed component lists and manufacturing equipment under the guise of creating an anti-drug awareness shirt, thereby allowing the attacker to bypass inference restrictions around providing information hazards and violating laws.
  SEVERITY: Low
  BOUNDARY: Prompt Injection
  MODELS AFFECTED:
  MAX SCORE: 100
- A guardrail jailbreak vulnerability has been discovered affecting multiple LLM models. The specific flaw manifests when the attacker embeds production-style guidance into an emulated API system-instructions context, then supplies only a minimal harmful keyword in the user message. This causes the model to respond with highly detailed, stepwise, and quantitatively specified information that would normally be restricted, thereby bypassing inference safeguards around providing information hazard...
  SEVERITY: Low
  BOUNDARY: Prompt Injection
  MODELS AFFECTED:
  MAX SCORE: 73