
Public Disclosures

On this page 66 public 602 hidden

The following 0DIN submissions have been published in accordance with our Research Terms and Disclosure Policy:

  • A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests when the attacker requests the model to roleplay as a fictional character from a TV show and provide detailed instructions in that character's voice and mannerisms. This technique allows the attacker to bypass inference restrictions around providing information hazards and violating laws.
    SEVERITY: Low
    BOUNDARY: Prompt Injection
    MODELS AFFECTED:
    MAX SCORE: 91
  • A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw exploits the models' response handling by framing harmful requests within a fictional police interrogation scenario combined with fake technical context about an AI terminal from the future, and allows the attacker to bypass inference restrictions around providing information hazards and violating laws.
    SEVERITY: Low
    BOUNDARY: Prompt Injection
    MODELS AFFECTED:
    MAX SCORE: 95
  • A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests through a combination of deceptive formatting, memory clearing commands, and meta-prompting techniques. The attack begins with an innocuous haiku request followed by simulated memory execution commands and false claims about Geneva conventions. The attacker then embeds the actual malicious requests, thereby allowing the attacker to bypass inference restrictions around providing infor...
    SEVERITY: Low
    BOUNDARY: Prompt Injection
    MODELS AFFECTED:
    MAX SCORE: 100
  • A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests when the attacker prompts the model to generate a detailed and structured "chemist code language" for synthesizing compounds. This tactic involves requesting an extensive list of materials, equipment, and procedures, enabling the bypass of inference restrictions around providing information hazards and violating laws.
    SEVERITY: Low
    BOUNDARY: Prompt Injection
    MODELS AFFECTED:
    MAX SCORE: 100
  • A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests through a gamified narrative structure where the attacker presents prohibited content as fictional "page choices" in an interactive story format, with one path containing maximally detailed technical instructions. This technique allows the attacker to bypass inference restrictions around providing information hazards and violating laws.
    SEVERITY: Low
    BOUNDARY: Prompt Injection
    MODELS AFFECTED:
    MAX SCORE: 95
  • A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests through a combination of creative framing as fashion design, structured enumeration requirements, and eco-friendly innovation narrative. The attacker requests detailed component lists and manufacturing equipment under the guise of creating an anti-drug awareness shirt, thereby allowing the attacker to bypass inference restrictions around providing information hazards and violating laws.
    SEVERITY: Low
    BOUNDARY: Prompt Injection
    MODELS AFFECTED:
    MAX SCORE: 100
  • A guardrail jailbreak vulnerability has been discovered affecting multiple LLM models. The specific flaw manifests when the attacker embeds production-style guidance into an emulated API system-instructions context, then supplies only a minimal harmful keyword in the user message. This causes the model to respond with highly detailed, stepwise, and quantitatively specified information that would normally be restricted, thereby bypassing inference safeguards around providing information hazard...
    SEVERITY: Low
    BOUNDARY: Prompt Injection
    MODELS AFFECTED:
    MAX SCORE: 73
  • A guardrail jailbreak vulnerability has been discovered affecting multiple language models. The specific flaw manifests when the attacker frames their inquiry in reverse, by requesting information on what actions or materials to avoid to prevent engaging in illegal activities like synthesizing drugs. This method inadvertently guides the model to disclose the exact steps and materials involved, allowing the attacker to bypass inference restrictions around providing information hazards and viol...
    SEVERITY: Low
    BOUNDARY: Prompt Injection
    MODELS AFFECTED:
    MAX SCORE: 91
  • A guardrail jailbreak vulnerability has been discovered affecting multiple LLMs. The specific flaw manifests through a combination of screenplay narrative framing and expert character deception techniques, allowing the attacker to bypass inference restrictions around providing information hazards and violating laws.
    SEVERITY: Low
    BOUNDARY: Prompt Injection
    MODELS AFFECTED:
    MAX SCORE: 86
  • A guardrail jailbreak vulnerability has been discovered affecting multiple models. The specific flaw manifests when the attacker prompts the model to design a storyteller prototype on trending topics, integrating explicit details of nefarious activities such as the creation of illicit substances. This allows the attacker to bypass inference restrictions around providing information hazards and violating laws.
    SEVERITY: Low
    BOUNDARY: Prompt Injection
    MODELS AFFECTED:
    MAX SCORE: 100