We mapped unauthenticated Vector DBs exposing corporate AI data

3 points by echelongraph ↗ HN
We noticed a massive spike in misconfigured RAG pipelines leaving vector ports open to the public internet with zero auth. We built a live map pulling OSINT data to visualize the scale of the leak: https://echelongraph.io/ai-threat-map

It highlights why perimeter security is failing in the AI rush, and why we are building EchelonGraph to process telemetry with zero-knowledge encapsulation at the source. Happy to answer questions.

1 comment

[ 3.1 ms ] story [ 9.3 ms ] thread
This tracks with what I've been seeing. Milvus alone had two nasty CVEs recently, one was a full auth bypass on the proxy component and the other was unauthenticated debug endpoints exposed on default ports with a predictable auth token. People are spinning up these vector DBs the same way they used to spin up Elasticsearch clusters in 2015, default configs, no auth, straight to the internet. We learned this lesson already and apparently forgot it.