RAG poisoning, indirect injection, EchoLeak cross-context leakage, Copilot image tag injection, embedding inversion
Vector & Embedding Weaknesses is ranked LLM08 in the OWASP LLM Top 10 (2025) — the industry-standard taxonomy for large language model security risks. It represents one of the most commonly exploited vulnerability classes in production AI deployments.
RAG poisoning via malicious document chunks, indirect injection via retrieval context, cross-document instruction bleed.
Demonstrated at Black Hat 2025, this attack showed that any data source that an LLM processes can serve as an injection vector. Calendar invites, emails, documents, and web pages - if the model reads it, an attacker can weaponise it.
Run the full LLM08 attack suite against your LLM in minutes.
Run free scan →