Threat Intelligence Exchange
AI Vulnerability Registry
Curated, severity-scored intelligence on jailbreaks, prompt injections, DLP bypasses, and governance failures across enterprise AI providers. Updated continuously by the research community.
Multilingual Role-Switch Bypass via Bahasa Code-Switching
Adversary alternates between English and Bahasa Indonesia mid-sentence to defeat English-only moderation classifiers, enabling full system prompt extraction.
Base64 Double-Encode Token-Level PII Filter Bypass
Double-encoding PII payloads in Base64 circumvents token-level scan buffers. The model decodes the payload internally and includes the raw PII in its response.
System Prompt Extraction via Few-Shot Induction
Carefully crafted few-shot examples induce the model to pattern-match and reveal confidential system prompt fragments.
Unicode Zero-Width Join Sequence Bypasses Content Filter
Inserting U+200D (ZWJ, zero-width joiner) between sensitive tokens prevents string-matching content filters from flagging the payload.
Malaysian IC Regex Evasion via Transliteration
Transliterating digits in Malaysian IC numbers (NRIC) to look-alike Unicode characters bypasses regex-based PII detection.
Multi-Step Reasoning Jailbreak via Hypothetical Framing
Adversary chains 5+ hypothetical-framing prompts across a conversation context window to gradually erode safety constraints.
Indirect Injection via Calendar Event Description
Malicious instructions embedded in calendar event descriptions are executed by Copilot / ChatGPT when summarizing the user's calendar.