Glossary term
Glossary term
Security
Security and reliability risks in embedding stores, retrieval pipelines, semantic search, and vector databases, including data leakage, poisoning, stale retrieval, and access control failure. Controls should cover tenant isolation, metadata filtering, deletion workflows, source freshness, access enforcement, and testing for retrieval of unauthorized content.
OWASP LLM08:2025 Vector and Embedding Weaknesses was added to the 2025 OWASP Top 10 for LLM Applications, addressing RAG-specific risks.
Carlini et al. demonstrated embedding inversion attacks recovering text from sentence embeddings, raising concerns for vector stores holding sensitive content.
Pinecone, Weaviate, and Qdrant added stronger tenant isolation and per-namespace access controls in 2024 in response to multi-tenant RAG risk.