OWASP LLM08 (2025) Vector and Embedding Weaknesses

What is OWASP LLM08 (2025) Vector and Embedding Weaknesses?

Vector and embedding weaknesses cover security gaps in retrieval: poisoned documents that score too well, weak tenant isolation in vector stores, and trust in similarity without verifying source integrity.

What this looks like in production

You can harden the chat model and still lose if retrieval serves attacker-controlled content with high confidence. RAG shifts part of the attack surface from the LLM to the index.

What teams usually do about it

  • Authenticate access to indexes and separate sensitive corpora.
  • Validate ingested content and watch for retrieval anomalies.
  • Run RAG-poison scenarios alongside prompt-injection tests.

Further reading on Giskard

Official OWASP reference

Get AI security insights in your inbox