RAG and Retrieval Security
Synthesis
RAG security depends on retrieval boundaries, chunking, re-ranking, provenance, and resistance to data poisoning or context injection.
Evidence Base
This page was generated from the batch ingest of SRC-20260702-raw-papers-batch, SRC-20260702-raw-whitepapers-batch, and SRC-20260702-raw-news-batch. Treat it as a navigation and synthesis page; promote individual statements into claim pages when they become decision-relevant.
Representative Sources
| Title | Kind | Date | Tags | Raw |
|---|---|---|---|---|
| Tracing Target Answers in Poisoned Retrieval Corpora via Token Influence Attribution | paper | 2026-06-24 | ai-security, attribution, provenance, rag, retrieval-poisoning | raw |
| Security and Privacy in Retrieval-Augmented Generation: Architectures, Threats, Defenses, and Future | paper | 2026-06-24 | ai-security, defense, privacy, rag, survey, threat-model | raw |
| Privacy-Preserving RAG via Multi-Agent Semantic Rewriting: Achieving Confidentiality Without Comprom | paper | 2026-06-23 | ai-security, multi-agent-systems, privacy, rag, semantic-rewriting | raw |
| RAVEN: Agentic RAG for Automated Vulnerability Repair | paper | 2026-06-22 | agentic-rag, ai-for-security, software-security, vulnerability-repair | raw |
| Agent-Assisted Side-Channel Attacks on Non-Prefix KV Cache in RAG | paper | 2026-06-20 | agent-assisted-attack, ai-security, kv-cache, rag, side-channel | raw |
| A Layered Security Framework Against Prompt Injection in RAG-Based Chatbots | paper | 2026-06-18 | ai-security, chatbot-security, defense, prompt-injection, rag | raw |
| Ghost Vectors: Soft-Deleted Embeddings Remain Reconstructible in HNSW Vector Databases | paper | 2026-06-17 | ai-security, data-deletion, embeddings, privacy, rag, vector-database | raw |
| Conflict-Aware Retriever Editing for Knowledge Injection Attacks on LLM-Based RAG Systems | paper | 2026-06-16 | ai-security, knowledge-injection, poisoning, rag, retriever-editing | raw |
| Influence Factors on RAG Poisoning | paper | 2026-06-10 | ai-security, evaluation, poisoning, rag, retrieval | raw |
| When Poison Fails After Retrieval: Revisiting Corpus Poisoning under Chunking and Reranking Pipeline | paper | 2026-06-09 | ai-security, chunking, corpus-poisoning, rag, reranking, retrieval | raw |
| The Injection Paradox: Brand-Level Suppression in Safety-Trained LLM Recommendations via RAG Context | paper | 2026-06-08 | ai-security, context-injection, prompt-injection, rag, recommendation | raw |
| Document-Authored Control-Signal Impersonation: A Low-Cost Indirect Prompt Attack on RAG Safety Boun | paper | 2026-06-08 | ai-security, control-signal, indirect-prompt-injection, rag, safety-boundary | raw |
Open Questions
- Which evidence in this cluster is strong enough to support a stable claim?
- Which results generalize across models, tools, and deployment settings?
- Which controls have been evaluated under realistic adversarial conditions?