Nvidia NemoGuard Jailbreak Detect Guardrail Evasion

Affected Vendor(s)

Nvidia

Affected Product(s)

NemoGuard Jailbreak Detect

Summary

Nvidia offer an open source Jailbreak classifier on HuggingFace called NemoGuard Jailbreak Detect. These classifiers are heavily used by a range of guardrail systems and are designed to enable developers of AI applications to detect and react to incoming prompt injections and jailbreaks. We successfully demonstrated how an attacker can fully evade, or greatly degrade, classification accuracy of the classifier, enabling prompt injections and jailbreaks to pass through filters and subsequently to the protected AI application.

Timeline

Discovered on
Disclosed to Vendor on
March 11, 2025
Published on
April 3, 2025

Credit

William Hackett
Lewis Birch

Blog Post

Bypassing Azure AI Content Safety Guardrails

References

Learn how Mindgard can help you navigate AI Security

Take the first step towards securing your AI. Book a demo now and we'll reach out to you.

Book a Demo
Protect your AI with Mindgard

Mindgard, the leading provider of Artificial Intelligence security solutions, helps enterprises secure their AI models, agents, and systems across the entire lifecycle. Mindgard’s solution uncovers shadow AI, conducts automated AI red teaming by emulating adversaries, and delivers runtime protection against attacks like prompt injection and agentic manipulation. Trusted by leading organizations in finance, healthcare, and technology, Mindgard is backed by investors including .406 Ventures, IQ Capital, Atlantic Bridge, and Lakestar.

©️ 2025 Mindgard limited
All rights Reserved