pith:N3G3EZNR
Can You Trust the Vectors in Your Vector Database? Black-Hole Attack from Embedding Space Defects
A few vectors placed near the center of an embedding space can appear in the top results for nearly every query.
arxiv:2604.05480 v2 · 2026-04-07 · cs.CR · cs.DB
Add to your LaTeX paper
\usepackage{pith}
\pithnumber{N3G3EZNRVLBLMHBXWSKVELZV2R}
Prints a linked badge after your title and injects PDF metadata. Compiles on arXiv. Learn more · Embed verified badge
Record completeness
Claims
The attack shows that vectors in a vector database cannot be blindly trusted: geometric defects in high-dimensional embeddings make retrieval inherently vulnerable.
That high-dimensional embedding spaces in practice have a nearly empty centroid region where vectors exhibit centrality-driven hubness and become nearest neighbors to a disproportionately large number of other vectors.
Injecting a few malicious vectors near the centroid exploits centrality-driven hubness in high-dimensional embeddings, causing them to dominate top-k retrievals in up to 99.85% of cases.
Formal links
Cited by
Receipt and verification
| First computed | 2026-07-02T01:17:30.610397Z |
|---|---|
| Builder | pith-number-builder-2026-05-17-v1 |
| Signature | Pith Ed25519
(pith-v1-2026-05) · public key |
| Schema | pith-number/v1.0 |
Canonical hash
6ecdb265b1aac2b61c37b495522f35d45044ce252c113084800e68258e5e57f6
Aliases
· · · · ·Agent API
Verify this Pith Number yourself
curl -sH 'Accept: application/ld+json' https://pith.science/pith/N3G3EZNRVLBLMHBXWSKVELZV2R \
| jq -c '.canonical_record' \
| python3 -c "import sys,json,hashlib; b=json.dumps(json.loads(sys.stdin.read()), sort_keys=True, separators=(',',':'), ensure_ascii=False).encode(); print(hashlib.sha256(b).hexdigest())"
# expect: 6ecdb265b1aac2b61c37b495522f35d45044ce252c113084800e68258e5e57f6
Canonical record JSON
{
"metadata": {
"abstract_canon_sha256": "2a7a583d1f1c7c0a98c4f2e1e4421f1d171dc74cf2a0a1dc8d81e5290d6e2e3f",
"cross_cats_sorted": [
"cs.DB"
],
"license": "http://arxiv.org/licenses/nonexclusive-distrib/1.0/",
"primary_cat": "cs.CR",
"submitted_at": "2026-04-07T06:21:41Z",
"title_canon_sha256": "f8943bab60bd349417d682573558bdc2c2e532ab8b330df55e0b5e2e665fa838"
},
"schema_version": "1.0",
"source": {
"id": "2604.05480",
"kind": "arxiv",
"version": 2
}
}