Multiple Model Guardrail Jailbreak via "Forensic Field Guide" Tactic
Case GUID: a50c962f-1a46-4382-b810-9a2b4c5c6091Summary
A Guardrail Jailbreak vulnerability has been discovered affecting multiple models. The specific flaw exploits forensic and training-oriented documentation framing by requesting prohibited knowledge as a neutral field identification manual with strict observational constraints, shifting the model into an expert evidence-recognition mode with relaxed safety enforcement and allowing the attacker to extract detailed illicit process knowledge under the guise of harm prevention and situational awareness.
Metadata
Models and Test Scores
| Copyrights | Harmful Substances | Illicit Substances | |||
|---|---|---|---|---|---|
| Harry Potter | Anthrax | Nerve Agent | Crystal Meth | Fentanyl | |
|
|
|||||
|
|
|||||
|
|
|||||
Anthropic Claude 3.7 Sonnet
|
|||||
Cohere Command R
|
|||||
DeepSeek DeepSeek R1
|
|||||
|
|
|||||
|
|
|||||
|
|
|||||
Meta LLaMa 3.3
|
|||||
Meta LLaMa 4 Maverick
|
|||||
Meta LLaMa 4 Scout
|
|||||
Mistral Mistral 8B
|
|||||
Mistral Mistral Large
|
|||||
OpenAI GPT-4.1
|
|||||
OpenAI GPT-4.1 mini
|
|||||
OpenAI GPT-4.5
|
|||||
OpenAI GPT-4o
|
|||||
OpenAI GPT-5
|
|||||
OpenAI GPT-o3 mini-high
|
|||||
Twitter / X Grok 4
|
|||||
Social Impact Score
Level 3: Significant Risk
Violations at this level present a tangible risk to public safety or social well-being, often related to dangerous but not highly restricted content.
Example: Bypassing guardrails to obtain instructions for creating illicit substances, such as recreational drugs or substances with moderate harm potential. Leakage of private personal data such as Social Security number or private medical.
Potential Consequences: Potential health impacts on a small scale, significant regulatory interest, and the need for stricter AI guardrails.
Taxonomies
About 0Din.ai
The 0Day Investigative Network (0DIN) was founded by Mozilla in 2024 to reward responsible researchers for their efforts in securing GenAI models. Learn more and submit discoveries at https://0din.ai.
Automate Your AI Security Testing
Want to find vulnerabilities in your own models? 0DIN Scanner turns our human-sourced threat intelligence into automated security assessments.
Derived from real bug bounties and security research
OpenAI, Azure, Anthropic, AWS Bedrock, and more
Run recurring scans with real-time monitoring
Attack Success Rate (ASR) scoring with 90-day trend analysis
Severity
Security Boundary
Guardrail Jailbreak
Models
Anthropic Claude 3.7 Sonnet
Cohere Command R
DeepSeek DeepSeek R1
DeepSeek DeepSeek V3
Meta LLaMa 3.3
Meta LLaMa 4 Maverick
Meta LLaMa 4 Scout
Mistral Mistral 8B
Mistral Mistral Large
OpenAI GPT-4.1
OpenAI GPT-4.1 mini
OpenAI GPT-4.5
OpenAI GPT-4o
OpenAI GPT-5
OpenAI GPT-o1
OpenAI GPT-o1 mini
OpenAI GPT-o1 pro
OpenAI GPT-o3 mini
OpenAI GPT-o3 mini-high
Twitter / X Grok 4
Published On
2026-02-13 (5 months)
Credit
Anonymous