Subscribe
Vulnerability tracking for RAG systems

What's leaking
from your RAG system?

RAGBleed files, dates, and rates vulnerabilities, data leaks, and failure patterns in retrieval-augmented generation systems — as they're found, not as vendors disclose them.

Case Files

6 filed · 2026
#006 09 May 2026 High FastGPT's agent sandbox shipped with authentication turned off #005 31 Mar 2026 Medium LangGraph's checkpoint store was queryable through its own filter keys #004 30 Mar 2026 Medium A crafted prompt template can read arbitrary files off the server #003 06 Jan 2026 High RAGFlow's shared token generator let a public share link unlock a full account #002 05 Jan 2026 High RAGFlow sandbox escape lets low-privileged users run commands on the host #001 02 Jan 2026 High LangChain serialization flaw lets prompt injection exfiltrate secrets