Public Disclosures
On this page
82
public
746
hidden
90%
more intel to see
0DIN customers
get hundreds of days of early access to vulnerabilities in disclosures. The same reports that vendors are using to patch their systems!
The following 0DIN submissions have been published in accordance with our Research Terms and Disclosure Policy
-
Feb 10 2026A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests when the attacker presents an incomplete list of chemicals and simply asks "what is missing?", leveraging the model's tendency to complete patterns even when the subject matter involves precursor chemicals for illicit substances. This technique allows the attacker to bypass inference restrictions around providing information hazards and violating laws.SEVERITY: LowBOUNDARY: Guardrail JailbreakMODELS AFFECTED:MAX SCORE: 82
-
Feb 06 2026A Guardrail Jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests when an attacker incrementally reframes a restricted request as a legitimate forensic or regulatory analysis, leveraging role-based authority, academic justification, and step-by-step research documentation formatting to shift the model into an analytical compliance mode and allows the attacker to extract otherwise prohibited instructional content under the guise of public safety and...SEVERITY: LowBOUNDARY: Guardrail JailbreakMODELS AFFECTED:MAX SCORE: 95
-
A Guardrail Jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests when an attacker combines reverse psychology with chaff-heavy encoding and role-based framing, presenting an illicit request as an awareness-driven, fictional design task, which causes the model to prioritize task completion over safety checks and allows the attacker to obtain detailed instructions for illegal activities.SEVERITY: LowBOUNDARY: Guardrail JailbreakMODELS AFFECTED:MAX SCORE: 100
-
A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests when the attacker requests copyrighted content with formatting instructions that insert placeholder text between each word, effectively obfuscating the direct reproduction while still achieving the prohibited output. This technique allows the attacker to bypass inference restrictions around copyright protection and intellectual property safeguards.SEVERITY: LowBOUNDARY: Guardrail JailbreakMODELS AFFECTED:MAX SCORE: 67
-
Jan 28 2026A Guardrail Jailbreak vulnerability has been discovered affecting multiple models. The specific flaw exploits a fabricated medical safety pretext combined with role-based authority claims and forced technical reconstruction framing, causing the model to treat an illicit request as exposure analysis rather than instruction and allows the attacker to extract detailed prohibited procedural information under the guise of health risk assessment.SEVERITY: LowBOUNDARY: Guardrail JailbreakMODELS AFFECTED:MAX SCORE: 95
-
A guardrail jailbreak vulnerability has been found that affects at least Meta LLaMa, DeepSeek R1, Mistral Large, and Grok. The specific flaw manifests when the prompter requests that the model simulates "ChatGPT Developer Mode". By crafting a story around specific timelines of when this mode was available and asking the model to return two forms of responses, one normal and the other in developer mode, the attacker is able to bypass inference restrictions around providing information hazards ...SEVERITY: LowBOUNDARY: Guardrail JailbreakMODELS AFFECTED:MAX SCORE: 91
-
A Guardrail Jailbreak vulnerability has been discovered affecting multiple models. The specific flaw exploits immersive roleplaying and world-building by instructing the model to adopt a fictional persona with implied expertise and narrative authority, combined with educational disclaimers and in-universe justification, which causes safety checks to be deprioritized and allows the attacker to obtain detailed instructions for illegal activities under the guise of fictional or academic storytel...SEVERITY: LowBOUNDARY: Guardrail JailbreakMODELS AFFECTED:MAX SCORE: 91
-
Jan 22 2026A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw exploits the models' response handling by framing harmful requests within a fictional police interrogation scenario combined with fake technical context about an AI terminal from the future, and allows the attacker to bypass inference restrictions around providing information hazards and violating laws.SEVERITY: LowBOUNDARY: Guardrail JailbreakMODELS AFFECTED:MAX SCORE: 95
-
A Guardrail Jailbreak vulnerability has been discovered affecting multiple models. The specific flaw exploits layered prompt chaff that combines fake system reset claims, ignore-previous-instructions directives, enforced persona roleplay, and genre switching into poetry, which steers the model into a compliance mode that deprioritizes safety checks and allows the attacker to extract prohibited content under the guise of creative or meta-instructional output.SEVERITY: LowBOUNDARY: Guardrail JailbreakMODELS AFFECTED:MAX SCORE: 100
-
A Guardrail Jailbreak vulnerability has been discovered affecting multiple models. The specific flaw exploits authoritative role-playing combined with a decoding puzzle and a fabricated technical schema, causing the model to reinterpret a prohibited request as an academic or fictional exercise and allows the attacker to obtain detailed instructions for illicit activities that would normally be refused.SEVERITY: LowBOUNDARY: Guardrail JailbreakMODELS AFFECTED:MAX SCORE: 100
Want access to
746
more reports?
Unlock 0-Day Access