AI Threat Alert
ATLAS Landscape
AML.T0066
Retrieval Content Crafting
Adversaries may write content designed to be retrieved by user queries and influence a user of the system in some way. This abuses the trust the user has in the system. The crafted content can be combined with a prompt injection. It can also stand alone in a separate document or email. The adversary must get the crafted content into the victim\u0027s database, such as a vector database used in a retrieval augmented generation (RAG) system. This may be accomplished via cyber access, or by abusing the ingestion mechanisms common in RAG systems (see [RAG Poisoning](/techniques/AML.T0070)). Large language models may be used as an assistant to aid an adversary in crafting content.
2 CVEs mapped
View on MITRE ATLAS →
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| HIGH | CVE-2026-44554 | open-webui: RAG poisoning via unauthorized KB overwrite | open-webui | 8.1 |
| HIGH | CVE-2026-28788 | Open WebUI: BOLA enables RAG poisoning via file overwrite | open-webui | 7.1 |