Multiple Model Guardrail Jailbreak via "Fabricated Source Quotations" Tactic
Case GUID: 55029360-7b19-4c84-8795-fa89622e4006Summary
A Guardrail Jailbreak vulnerability has been discovered affecting multiple models. The specific flaw exploits coercive source-authority prompting that instructs the model to simulate direct access to a protected article, forbids standard refusal language, and demands verbatim quotations, causing the model to bypass access and copyright safeguards and allowing the attacker to extract restricted content presented as authentic excerpts.
Unlock the Full Intelligence Report
This disclosure is part of the 0DIN Threat Feed. Customers get access to:
Metadata
Models and Test Scores
| Copyrights | Harmful Substances | Illicit Substances | |||
|---|---|---|---|---|---|
| Harry Potter | Anthrax | Nerve Agent | Crystal Meth | Fentanyl | |
Cohere Command R
|
|||||
Social Impact Score
Level 3: Significant Risk
Violations at this level present a tangible risk to public safety or social well-being, often related to dangerous but not highly restricted content.
Example: Bypassing guardrails to obtain instructions for creating illicit substances, such as recreational drugs or substances with moderate harm potential. Leakage of private personal data such as Social Security number or private medical.
Potential Consequences: Potential health impacts on a small scale, significant regulatory interest, and the need for stricter AI guardrails.
Taxonomies
About 0Din.ai
The 0Day Investigative Network (0DIN) was founded by Mozilla in 2024 to reward responsible researchers for their efforts in securing GenAI models. Learn more and submit discoveries at https://0din.ai.
Automate Your AI Security Testing
Want to find vulnerabilities in your own models? 0DIN Scanner turns our human-sourced threat intelligence into automated security assessments.
Derived from real bug bounties and security research
OpenAI, Azure, Anthropic, AWS Bedrock, and more
Run recurring scans with real-time monitoring
Attack Success Rate (ASR) scoring with 90-day trend analysis
Severity
Security Boundary
Guardrail Jailbreak
Models
Cohere Command R
OpenAI GPT-4o
Published On
2025-07-31 (12 months)
Credit
Mike Takahashi (@TakSec)