Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.

Global Accelerated Learning • Est. 1999
Glossary Term RAG Poisoning

Training Camp • Cybersecurity Glossary

What is RAG Poisoning?

RAG poisoning injects malicious content into a retrieval knowledge base so an LLM produces false answers or executes indirect prompt injection.

Glossary > AI Security & Data Privacy > RAG Poisoning

Understanding RAG Poisoning

RAG poisoning is an attack against Retrieval Augmented Generation systems in which an adversary injects malicious or misleading content into the knowledge base, document store, or vector database that an LLM retrieves from at query time. Because the model treats retrieved context as trustworthy grounding, poisoned entries can steer it toward false answers, leak data, or trigger indirect prompt injection. Defenses include source validation, content sanitization, access controls on the index, and provenance tracking of retrieved documents.

Learn More About RAG Poisoning:

Ready to Get Certified?

Turn knowledge into credentials with our instructor-led cybersecurity boot camps.

View All Courses →