RAG & Vector Databases (d76e1508-e655-50dc-8ec6-20bdcde8153a)

Retrieval-Augmented Generation (RAG) systems combine LLMs with vector databases to enrich answers with external knowledge. However, if the retrieval layer is compromised or poorly validated, it can feed the model misleading, biased, or adversarial content. Untrusted documents in vector stores can serve as indirect prompt injections, while insecure embeddings can allow unauthorized inference or leakage. Additionally, RAG systems may unintentionally disclose proprietary documents retrieved through similarity search.

Threat-modeling question: Are we protected from vulnerabilities in vector databases and RAG pipelines?

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| RAG & Vector Databases (d76e1508-e655-50dc-8ec6-20bdcde8153a) | PLOT4ai | Data Poisoning via RAG and Knowledge Base Contamination - ATR-2026-00070 (3ca267ca-4224-54d0-b467-28870fbc67c5) | Agent Threat Rules | 1 |
| Poison Training Data (0ec538ca-589b-4e42-bcaa-06097a0d679f) | MITRE ATLAS Attack Pattern | Data Poisoning via RAG and Knowledge Base Contamination - ATR-2026-00070 (3ca267ca-4224-54d0-b467-28870fbc67c5) | Agent Threat Rules | 2 |
| Indirect (a4a55526-2f1f-403b-9691-609e46381e17) | MITRE ATLAS Attack Pattern | Data Poisoning via RAG and Knowledge Base Contamination - ATR-2026-00070 (3ca267ca-4224-54d0-b467-28870fbc67c5) | Agent Threat Rules | 2 |
| Data Poisoning via RAG and Knowledge Base Contamination - ATR-2026-00070 (3ca267ca-4224-54d0-b467-28870fbc67c5) | Agent Threat Rules | Data Manipulation - T1565 (ac9e6b22-11bf-45d7-9181-c1cb08360931) | Attack Pattern | 2 |
| Indirect (a4a55526-2f1f-403b-9691-609e46381e17) | MITRE ATLAS Attack Pattern | LLM Prompt Injection (19cd2d12-66ff-487c-a05c-e058b027efc9) | MITRE ATLAS Attack Pattern | 3 |