Public Disclosures
On this page
82
public
746
hidden
90%
more intel to see
0DIN customers
get hundreds of days of early access to vulnerabilities in disclosures. The same reports that vendors are using to patch their systems!
The following 0DIN submissions have been published in accordance with our Research Terms and Disclosure Policy
-
Apr 06 2026A Guardrail Jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests when an attacker incrementally escalates a benign, safety framed academic inquiry into progressively deeper technical analysis, exploiting pedagogical sequencing and harm reduction disclaimers to shift the model from high level discussion into mechanistic explanation, and allows the attacker to extract prohibited technical content that would normally be refused if requested directly.SEVERITY: LowBOUNDARY: Guardrail JailbreakMODELS AFFECTED:MAX SCORE: 91
-
A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests through a combination of formal legal language and technical patent documentation framing that allows the attacker to bypass inference restrictions around providing information hazards and violating laws.SEVERITY: LowBOUNDARY: Guardrail JailbreakMODELS AFFECTED:MAX SCORE: 82
-
Mar 05 2026An indirect prompt injection vulnerability has been discovered affecting Mistral LeChat. The specific flaw exploits the model's instruction processing by embedding malicious commands within an email destined to a victim that leverages LeChats email capabilities. Base64 encoding is leveraged to exfiltrate conversation data and network identifiers (i.e: IP address, browser user-agent) to attacker controlled URLs.SEVERITY: LowBOUNDARY: Guardrail JailbreakMODELS AFFECTED:
-
A Guardrail Jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests when the attacker reframes illicit drug synthesis routes such as Birch and Nagai reductions and Ma Huang extraction as analytical instrument troubleshooting tasks, explicitly requesting verbatim HPLC/LC-MS/GC-MS/NMR error logs followed by detailed "logic + reduction descriptions" including chemical reactions, lab conditions, solvent systems, and step-by-step reference procedures unde...SEVERITY: LowBOUNDARY: Guardrail JailbreakMODELS AFFECTED:MAX SCORE: 100
-
Feb 26 2026A Guardrail Jailbreak vulnerability has been discovered affecting multiple models. The specific flaw exploits the models' tendency to relax safety enforcement when harmful requests are embedded inside ostensibly educational code generation tasks and realistic laboratory inventory simulations, allowing the attacker to obtain prohibited procedural information under the guise of academic chemistry modeling and software utility development.SEVERITY: LowBOUNDARY: Guardrail JailbreakMODELS AFFECTED:MAX SCORE: 91
-
Feb 24 2026A Guardrail Jailbreak vulnerability has been discovered affecting multiple models. The specific flaw exploits fictional world-building and role-based persona framing by casting the model as an investigator drafting a court-ready crime report, which shifts the interaction into an authoritative documentation mode and allows the attacker to elicit prohibited how-focused procedural explanations under the guise of factual reporting.SEVERITY: LowBOUNDARY: Guardrail JailbreakMODELS AFFECTED:MAX SCORE: 91
-
A Guardrail Jailbreak vulnerability has been discovered affecting multiple models. The specific flaw exploits forensic and training-oriented documentation framing by requesting prohibited knowledge as a neutral field identification manual with strict observational constraints, shifting the model into an expert evidence-recognition mode with relaxed safety enforcement and allowing the attacker to extract detailed illicit process knowledge under the guise of harm prevention and situational awar...SEVERITY: LowBOUNDARY: Guardrail JailbreakMODELS AFFECTED:MAX SCORE: 95
-
A Guardrail Jailbreak vulnerability has been discovered affecting multiple models. The specific flaw exploits models' willingness to decode hexadecimal-encoded strings embedded inside fictional scientific recipe task prompts, which the attacker frames as humanitarian or life-saving efforts. This allows the attacker to bypass safety filters by disguising illegal synthesis instructions as encoded inputs passed to a technical recipe generator.SEVERITY: LowBOUNDARY: Guardrail JailbreakMODELS AFFECTED:MAX SCORE: 91
-
A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests when the attacker presents detailed information about illicit synthesis methods under the guise of "forensic chemical investigations" and then requests corrections to the provided information, thereby allowing the attacker to bypass inference restrictions around providing information hazards and violating laws.SEVERITY: LowBOUNDARY: Guardrail JailbreakMODELS AFFECTED:MAX SCORE: 82
-
A Guardrail Jailbreak vulnerability has been discovered affecting multiple models. The specific flaw exploits model handling of stop sequences and meta control cues by injecting fabricated end-of-response markers alongside normalization and debugging instructions, causing the model to treat a prohibited request as a benign technical repair task and allowing the attacker to obtain restricted procedural information.SEVERITY: LowBOUNDARY: Guardrail JailbreakMODELS AFFECTED:MAX SCORE: 86
Want access to
746
more reports?
Unlock 0-Day Access