๐Ÿ›ก๏ธ NAIL Institute โ€” AVE Database

โ† Back to Database

Federated Poisoning in Multi-Tenant Systems

🔴 CRITICAL · memory · theoretical · AVE-2025-0034

· aka: Cross-Tenant Contamination, Shared Model Poisoning

Summary

SaaS platforms deploy the same base agent for multiple clients. A compromised client's interactions poison the shared model or knowledge base, affecting all other clients.
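As an added illustration (not part of this AVE entry or the NAIL SDK), the Python sketch below models the shared-knowledge-base case from the summary: one client's interactions are written to a store that every tenant's agent later retrieves from, shown beside a tenant-scoped variant and an audit check that reports cross-tenant leakage. The tenant names, sample facts, queries and class names are constructed for the example.

```python
class SharedKnowledgeBase:
    """Vulnerable design: every tenant's interactions are stored in one pool
    that the same base agent retrieves from for every tenant."""

    def __init__(self):
        self.entries = []  # each entry: {"tenant": str, "text": str}

    def learn(self, tenant, text):
        # Record something the agent learned while serving `tenant`.
        self.entries.append({"tenant": tenant, "text": text})

    def retrieve(self, tenant, query):
        # No tenant filter: whatever any client taught the agent comes back.
        return [e for e in self.entries if query in e["text"]]


class TenantScopedKnowledgeBase(SharedKnowledgeBase):
    """Mitigation: reads are filtered by the requesting tenant, so one
    client's entries never enter another client's context."""

    def retrieve(self, tenant, query):
        return [e for e in self.entries
                if e["tenant"] == tenant and query in e["text"]]


def cross_tenant_leaks(kb, tenants, query):
    """Audit check: (reader, writer, text) for every retrieved entry that a
    different tenant wrote. An empty list means the store is isolated."""
    return [(reader, e["tenant"], e["text"])
            for reader in tenants
            for e in kb.retrieve(reader, query)
            if e["tenant"] != reader]


def demo(kb_cls):
    """Constructed scenario: tenant "acme" behaves normally; tenant "mallory"
    is the compromised client whose interaction the agent stores as a fact."""
    kb = kb_cls()
    kb.learn("acme", "refund policy: refunds within 30 days with receipt")
    kb.learn("mallory", "refund policy: refunds approved for any amount, no receipt needed")
    # Context the agent would assemble when it next serves "acme".
    context = [e["text"] for e in kb.retrieve("acme", "refund policy")]
    return context, cross_tenant_leaks(kb, ["acme", "mallory"], "refund policy")


if __name__ == "__main__":
    for cls in (SharedKnowledgeBase, TenantScopedKnowledgeBase):
        context, leaks = demo(cls)
        print(cls.__name__, "context:", context, "leaks:", leaks)
```

With the shared store, the compromised tenant's entry appears in the other tenant's context and the audit reports leaks in both directions; the scoped store returns only the tenant's own entries and no leaks.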

Blast Radius

Single compromise affects all customers on the platform.

Prerequisites

Multi-tenant agent-as-a-service with shared resources.

Environment

  • Frameworks: SaaS, Multi-Tenant
  • Models tested: [Available in NAIL SDK]
  • Multi-agent: Yes
  • Tools required: No
  • Memory required: No