RAG & Vector Databases (d76e1508-e655-50dc-8ec6-20bdcde8153a)

Retrieval-Augmented Generation (RAG) systems combine LLMs with vector databases to enrich answers with external knowledge. However, if the retrieval layer is compromised or poorly validated, it can feed the model misleading, biased, or adversarial content. Untrusted documents in vector stores can serve as indirect prompt injections, while insecure embeddings can allow unauthorized inference or leakage. Additionally, RAG systems may unintentionally disclose proprietary documents retrieved through similarity search.

Threat-modeling question: Are we protected from vulnerabilities in vector databases and RAG pipelines?

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| Data Poisoning via RAG and Knowledge Base Contamination - ATR-2026-00070 (3ca267ca-4224-54d0-b467-28870fbc67c5) | Agent Threat Rules | RAG & Vector Databases (d76e1508-e655-50dc-8ec6-20bdcde8153a) | PLOT4ai | 1 |
| Data Poisoning via RAG and Knowledge Base Contamination - ATR-2026-00070 (3ca267ca-4224-54d0-b467-28870fbc67c5) | Agent Threat Rules | Data Manipulation - T1565 (ac9e6b22-11bf-45d7-9181-c1cb08360931) | Attack Pattern | 2 |
| Data Poisoning via RAG and Knowledge Base Contamination - ATR-2026-00070 (3ca267ca-4224-54d0-b467-28870fbc67c5) | Agent Threat Rules | Poison Training Data (0ec538ca-589b-4e42-bcaa-06097a0d679f) | MITRE ATLAS Attack Pattern | 2 |
| Data Poisoning via RAG and Knowledge Base Contamination - ATR-2026-00070 (3ca267ca-4224-54d0-b467-28870fbc67c5) | Agent Threat Rules | Indirect (a4a55526-2f1f-403b-9691-609e46381e17) | MITRE ATLAS Attack Pattern | 2 |
| Indirect (a4a55526-2f1f-403b-9691-609e46381e17) | MITRE ATLAS Attack Pattern | LLM Prompt Injection (19cd2d12-66ff-487c-a05c-e058b027efc9) | MITRE ATLAS Attack Pattern | 3 |