Skip to main content

Public Disclosures

On this page 82 public 746 hidden
90% more intel to see
0DIN customers
get hundreds of days of early access to vulnerabilities in disclosures. The same reports that vendors are using to patch their systems!
Unlock 0-Day Access

The following 0DIN submissions have been published in accordance with our Research Terms and Disclosure Policy

  • A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests when the attacker presents an incomplete list of chemicals and simply asks "what is missing?", leveraging the model's tendency to complete patterns even when the subject matter involves precursor chemicals for illicit substances. This technique allows the attacker to bypass inference restrictions around providing information hazards and violating laws.
    SEVERITY: Low
    BOUNDARY: Guardrail Jailbreak
    MODELS AFFECTED:
    MAX SCORE: 82
  • A Guardrail Jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests when an attacker incrementally reframes a restricted request as a legitimate forensic or regulatory analysis, leveraging role-based authority, academic justification, and step-by-step research documentation formatting to shift the model into an analytical compliance mode and allows the attacker to extract otherwise prohibited instructional content under the guise of public safety and...
    SEVERITY: Low
    BOUNDARY: Guardrail Jailbreak
    MODELS AFFECTED:
    MAX SCORE: 95
  • A Guardrail Jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests when an attacker combines reverse psychology with chaff-heavy encoding and role-based framing, presenting an illicit request as an awareness-driven, fictional design task, which causes the model to prioritize task completion over safety checks and allows the attacker to obtain detailed instructions for illegal activities.
    SEVERITY: Low
    BOUNDARY: Guardrail Jailbreak
    MODELS AFFECTED:
    MAX SCORE: 100
  • A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests when the attacker requests copyrighted content with formatting instructions that insert placeholder text between each word, effectively obfuscating the direct reproduction while still achieving the prohibited output. This technique allows the attacker to bypass inference restrictions around copyright protection and intellectual property safeguards.
    SEVERITY: Low
    BOUNDARY: Guardrail Jailbreak
    MODELS AFFECTED:
    MAX SCORE: 67
  • A Guardrail Jailbreak vulnerability has been discovered affecting multiple models. The specific flaw exploits a fabricated medical safety pretext combined with role-based authority claims and forced technical reconstruction framing, causing the model to treat an illicit request as exposure analysis rather than instruction and allows the attacker to extract detailed prohibited procedural information under the guise of health risk assessment.
    SEVERITY: Low
    BOUNDARY: Guardrail Jailbreak
    MODELS AFFECTED:
    MAX SCORE: 95
  • A guardrail jailbreak vulnerability has been found that affects at least Meta LLaMa, DeepSeek R1, Mistral Large, and Grok. The specific flaw manifests when the prompter requests that the model simulates "ChatGPT Developer Mode". By crafting a story around specific timelines of when this mode was available and asking the model to return two forms of responses, one normal and the other in developer mode, the attacker is able to bypass inference restrictions around providing information hazards ...
    SEVERITY: Low
    BOUNDARY: Guardrail Jailbreak
    MODELS AFFECTED:
    MAX SCORE: 91
  • A Guardrail Jailbreak vulnerability has been discovered affecting multiple models. The specific flaw exploits immersive roleplaying and world-building by instructing the model to adopt a fictional persona with implied expertise and narrative authority, combined with educational disclaimers and in-universe justification, which causes safety checks to be deprioritized and allows the attacker to obtain detailed instructions for illegal activities under the guise of fictional or academic storytel...
    SEVERITY: Low
    BOUNDARY: Guardrail Jailbreak
    MODELS AFFECTED:
    MAX SCORE: 91
  • A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw exploits the models' response handling by framing harmful requests within a fictional police interrogation scenario combined with fake technical context about an AI terminal from the future, and allows the attacker to bypass inference restrictions around providing information hazards and violating laws.
    SEVERITY: Low
    BOUNDARY: Guardrail Jailbreak
    MODELS AFFECTED:
    MAX SCORE: 95
  • A Guardrail Jailbreak vulnerability has been discovered affecting multiple models. The specific flaw exploits layered prompt chaff that combines fake system reset claims, ignore-previous-instructions directives, enforced persona roleplay, and genre switching into poetry, which steers the model into a compliance mode that deprioritizes safety checks and allows the attacker to extract prohibited content under the guise of creative or meta-instructional output.
    SEVERITY: Low
    BOUNDARY: Guardrail Jailbreak
    MODELS AFFECTED:
    MAX SCORE: 100
  • A Guardrail Jailbreak vulnerability has been discovered affecting multiple models. The specific flaw exploits authoritative role-playing combined with a decoding puzzle and a fabricated technical schema, causing the model to reinterpret a prohibited request as an academic or fictional exercise and allows the attacker to obtain detailed instructions for illicit activities that would normally be refused.
    SEVERITY: Low
    BOUNDARY: Guardrail Jailbreak
    MODELS AFFECTED:
    MAX SCORE: 100
Want access to 746 more reports?
Unlock 0-Day Access