{"data":{"id":"c3d0d5cc-1711-44e1-ad5f-19bcc241eeec","title":"Trigger as Entity: Backdoor Attacks to Graph-Based Retrieval-Augmented Generation of Large Language Models","summary":"Researchers discovered a new security vulnerability in graph-based RAG (retrieval-augmented generation, where an AI system pulls information from external knowledge graphs to answer questions) systems used with large language models. Attackers can poison the external database by inserting hidden triggers and false information into the knowledge graph, causing the AI to give wrong answers when those triggers appear in user queries while still answering normal questions correctly. The attack uses three types of triggers at different complexity levels, from simple words to semantic patterns, and tests showed the attack works across multiple AI systems.","solution":"N/A -- no mitigation discussed in source.","labels":["security","research"],"sourceUrl":"http://ieeexplore.ieee.org/document/11547227","publishedAt":"2026-06-02T13:17:17.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":["model_poisoning","rag_poisoning"],"issueType":"research","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":[],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-06-02T13:17:17.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"advanced","impactType":["integrity","safety"],"aiComponentTargeted":"rag","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":"peer_reviewed","atlasIds":null}}