Skip to main content
hc
Submit
Vector databases · tools · 12 picks

Best vector databases for RAG

Vector databases and stores for embeddings and retrieval-augmented generation.

Curated by @heyclaude-editors Updated 2026-06-19

Vector databases and stores for embeddings and retrieval-augmented generation.

Compared at a glance

The top 5 picks side by side on trust, install, platform support, and disclosed notes — full rationale for each below.

FieldChroma

Open-source AI data infrastructure for storing documents, embeddings, metadata, and retrieval indexes across local, self-hosted, and managed Chroma Cloud deployments.

Open dossier 		Milvus

Apache-2.0 vector database for scalable ANN search, hybrid retrieval, RAG, recommendation systems, image search, multimodal search, and AI agent memory.

Open dossier 		Weaviate

Open-source, cloud-native vector database for semantic search, hybrid search, RAG, reranking, multimodal retrieval, agent workflows, and production AI applications.

Open dossier 		Open WebUI

Self-hosted AI platform and web UI for Ollama, OpenAI-compatible APIs, RAG, Python function tools, model builder workflows, artifacts, web search, vector databases, enterprise auth, observability, plugins, and MCP-adjacent OpenAPI integrations.

Open dossier 		LanceDB

Apache-2.0 multimodal AI lakehouse and embedded retrieval database for vector search, full-text search, SQL filtering, RAG, and AI/ML data workflows.

Open dossier
Trust
Install riskReview firstReview firstReview firstReview firstReview first
Notes Safety Privacy Safety Privacy Safety Privacy Safety Privacy Safety Privacy
Categorytoolstoolstoolstoolstools
Sourcesource-backedsource-backedsource-backedsource-backedsource-backed
AuthorChromaMilvusWeaviateOpen WebUILanceDB
Added2026-06-032026-06-032026-06-032026-06-182026-06-03
Platforms
CLI
CLI
CLI
CLI
CLI
Source repo
Safety notesChroma can make retrieval easier, but vector, hybrid, full-text, and regex search results still require evaluation for relevance, freshness, permission fit, and hallucination risk. Retrieved documents, metadata, and embeddings can influence agent actions; review chunking, filters, collection boundaries, and prompt assembly before using results in automated workflows. Duplicate IDs, mismatched embedding dimensions, stale records, partial updates, and deleted-source drift can produce confusing or incorrect retrieval behavior if ingestion is not controlled. Metadata filters are useful access boundaries only when the application enforces them consistently; do not rely on model instructions alone to prevent cross-tenant or cross-project retrieval. Local and self-hosted deployments still need normal database operations including authentication, network exposure review, backups, resource limits, monitoring, and recovery tests. Chroma Cloud, embedding providers, and connected AI applications may add account, billing, availability, and organization-policy dependencies beyond the open-source database package.Milvus can power RAG, agent memory, recommendation systems, image search, and multimodal retrieval, but retrieved context still needs relevance checks, freshness checks, permission filtering, and human-reviewable evaluation. ANN index choices, quantization, memory mapping, GPU indexing, sparse retrieval, hybrid search, and reranking trade off latency, recall, cost, and operational complexity. Embedding drift, schema changes, stale partitions, deleted-source drift, duplicate IDs, and mismatched vector dimensions can produce confusing retrieval results if ingestion is not controlled. Multi-tenancy, access controls, TLS, replicas, and Kubernetes-native deployment features are production building blocks, not substitutes for application-level permission checks. Local, standalone, cluster, and managed deployments need explicit network exposure, storage durability, backup, monitoring, compaction, upgrade, and resource-limit decisions. Agent actions, chatbot answers, generated summaries, and recommender outputs that use Milvus results should remain attributable to source records and reviewable before affecting users or production workflows.Weaviate can power RAG and agent workflows, but retrieved context still needs relevance checks, freshness checks, permission filtering, and evaluation before influencing automated decisions. Integrated vectorizers, generative search, rerankers, Query Agent, and external model providers can send text, metadata, queries, or search results outside the database boundary depending on configuration. Hybrid, vector, keyword, image, multimedia, and generative search can return plausible but incomplete or stale context if chunking, filters, schema, or indexing settings are wrong. Multi-tenancy, replication, and role-based access control are production features, not substitutes for application-level permission checks and tenant-aware prompt assembly. Local Docker, Kubernetes, embedded, marketplace, and cloud deployments each need explicit network, storage, upgrade, observability, and resource-limit decisions. Generated summaries, chatbot answers, and agent actions that use Weaviate results should remain reviewable, testable, and attributable to the source objects retrieved.Open WebUI can run Python function-calling tools, RAG ingestion, web search, web browsing, image generation, plugins, and model/provider integrations; review each capability before enabling it for untrusted users. Docker examples expose web ports and persistent volumes. Mount persistent data, set admin/auth controls, and avoid treating demo defaults as production hardening. Python function tools and plugin pipelines can execute application logic and access configured services. Restrict tool creation and plugin installation to trusted administrators. RAG and web browsing can ingest local documents, URLs, cloud files, and extracted text; test indexing quality and permissions before exposing private corpora to users. Open WebUI uses a custom Open WebUI License with branding restrictions and enterprise-license exceptions. Verify license terms before redistribution, white-labeling, or commercial deployment.LanceDB can support RAG, multimodal search, recommendation systems, and AI/ML data workflows, but retrieved records still need relevance checks, freshness checks, permission filtering, and evaluation. Vector search, full-text search, SQL filters, hybrid retrieval, and reranking can return plausible but incomplete context when chunking, filters, indexes, or embedding models are poorly matched to the task. Local embedded databases reduce server overhead, but they still need controlled file permissions, backup practices, storage monitoring, version cleanup, and safe handling in shared development environments. Cloud, REST, and remote deployments add network exposure, account, billing, latency, availability, and access-control decisions beyond the open-source local package. Index choices, GPU-assisted index building, automatic versioning, and zero-copy workflows can improve performance, but operators should benchmark recall, latency, storage size, and update behavior before production use. Agent outputs, generated summaries, and automated decisions that depend on LanceDB results should remain attributable to source records and reviewable by the owning team.
Privacy notesChroma collections may store source documents, document chunks, metadata, IDs, embeddings, multimodal references, query text, and retrieval results that can reveal sensitive project context. Embeddings can leak information about the original data and should be governed with the same retention, deletion, access-control, and backup policies as the documents they represent. Embedding providers, Chroma Cloud, hosted model routes, or application telemetry may receive document or query content depending on how ingestion and search are configured. Metadata can include user identifiers, source names, document provenance, internal labels, and permission fields; define redaction and minimization rules before ingestion. Retrieval logs, failed queries, evaluation traces, and agent transcripts can re-expose stored data outside Chroma, so downstream systems need their own retention and access policies.Milvus collections may store vector embeddings, sparse vectors, scalar fields, metadata, document chunks, image or multimodal references, query records, and retrieval results that reveal sensitive project or user context. Embeddings can encode information about source records and should follow the same retention, deletion, backup, access-control, and tenant-isolation policies as the underlying data. Embedding providers, reranking services, generative models, Zilliz Cloud, observability systems, and downstream agent applications may process prompts, queries, source snippets, or retrieved context depending on configuration. Metadata fields used for filtering can expose user identity, source systems, document provenance, permission groups, customer labels, or business classifications if exported or logged carelessly. Teams should define who can view retrieval traces, query logs, failed-search artifacts, benchmark datasets, backups, and generated answers before exposing Milvus-backed context to Claude-adjacent workflows.Weaviate databases can store source objects, vectors, metadata, tenant labels, query history, retrieved context, generated outputs, and operational logs that may contain sensitive project or user data. Embeddings can encode information about source records and should follow the same retention, deletion, backup, and access policies as the underlying documents. Integrated model providers, Weaviate Cloud, Query Agent, external generative modules, and observability systems may process prompts, queries, search results, or object metadata depending on setup. Metadata properties used for filtering can expose user identity, source systems, document provenance, access groups, or business labels if exported or logged carelessly. Agent workflows should define who may view retrieval traces, generated answers, source citations, logs, and failed-query artifacts before exposing Weaviate-backed context to users.Chats, prompts, uploaded files, document chunks, embeddings, vector metadata, web search results, browser-fetched pages, Python tool inputs, plugin outputs, voice/video data, logs, metrics, and traces may contain private data. Configured model providers, vector databases, document extraction engines, web search providers, image providers, object storage, Redis, auth providers, and observability backends may receive user data. Keep provider keys, OAuth/LDAP/SSO secrets, database URLs, object storage keys, plugin credentials, uploaded files, RAG indexes, and OpenTelemetry exports out of public repos and screenshots. Define retention, deletion, tenant separation, group permissions, export policy, and audit review before using Open WebUI as a shared internal workspace.LanceDB tables may store vectors, source records, metadata, text, images, video, point clouds, generated context, search results, query records, and table versions that can expose sensitive project or user data. Embeddings and multimodal features can encode information from source content and should follow the same retention, deletion, backup, tenant-isolation, and access policies as the original records. Embedding providers, rerankers, LanceDB Cloud, REST services, observability systems, and downstream agent applications may process prompts, queries, files, metadata, or retrieved context depending on configuration. Versioned data and local database files can retain older records after application-level changes unless teams explicitly define compaction, deletion, and cleanup behavior. Teams should define who can inspect retrieval traces, failed-query artifacts, local database directories, table versions, logs, backups, and generated answers before exposing LanceDB-backed context to Claude-adjacent workflows.
Prerequisites
  • Python, TypeScript, Rust, local server, self-hosted service, or Chroma Cloud path selected for the target AI application.
  • Approved embedding model, embedding function, multimodal model, or precomputed embedding pipeline with known dimensionality and license terms.
  • Collection design for document IDs, metadata schema, embedding dimensions, update behavior, deletion behavior, and retrieval filters before production ingestion.
  • Storage, backup, retention, encryption, access-control, and deployment plan for local persistence, client-server mode, self-hosted services, or managed Chroma Cloud databases.
  • Deployment path selected for Milvus Lite, standalone Milvus, Docker Compose, Kubernetes, self-managed infrastructure, or managed Zilliz Cloud.
  • Collection and schema design for vector fields, sparse vectors, scalar fields, metadata, primary keys, partitions, indexes, retention, and deletion behavior.
  • Approved embedding, sparse embedding, reranking, and generative model plan with dimensions, model licenses, provider data handling, and refresh strategy reviewed.
  • Retrieval evaluation plan for ANN recall, top-K behavior, filters, hybrid search weighting, reranking quality, query latency, and failed-query handling.
  • Deployment path selected for local Docker, Kubernetes, embedded evaluation, marketplace deployment, self-hosted infrastructure, or Weaviate Cloud.
  • Data model for collections, objects, vector embeddings, metadata properties, tenant boundaries, schema evolution, indexing strategy, and deletion behavior.
  • Approved vectorization plan using integrated model providers or precomputed embeddings, with embedding dimensions, model licenses, and provider data handling reviewed.
  • Search and retrieval design for semantic search, keyword search, hybrid search, filters, reranking, generative search, and agent-facing context assembly.
  • Python 3.11 or 3.12 for pip installation, or Docker/Kubernetes for container deployment.
  • Ollama, OpenAI-compatible endpoint, OpenAI API key, or another configured model provider.
  • Persistent storage for the application database and uploaded/RAG content; Docker users must mount `/app/backend/data` to avoid data loss.
  • Optional vector database, document extraction, web search, image generation, speech, enterprise auth, object storage, Redis, or observability services depending on enabled features.
  • Deployment path selected for local embedded use, self-managed storage, cloud deployment, or LanceDB Cloud.
  • Data model for vector columns, scalar fields, text, images, video, point clouds, metadata, table versions, indexes, filters, retention, and deletion behavior.
  • Approved embedding, multimodal embedding, full-text search, reranking, and query plan with model licenses, dimensions, and provider data handling reviewed.
  • SDK or API path selected for Python, JavaScript/TypeScript, Rust, Java, REST, or integrations with frameworks such as LangChain and LlamaIndex.
Install
pip install open-webui
Config
Citations
ClaimUnclaimedUnclaimedUnclaimedUnclaimedUnclaimed
  1. 01
    tools

    Chroma

    Store embeddings and metadata for AI retrieval with local, self-hosted, or cloud Chroma.

    Review firstSource-backedReview firstAdded 16d ago
    Safety Privacy
    Why it made the cut

    Chroma is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  2. 02
    tools

    Milvus

    Run scalable vector, sparse, and hybrid search for RAG and AI retrieval systems.

    Review firstSource-backedReview firstAdded 16d ago
    Safety Privacy
    Why it made the cut

    Milvus is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  3. 03
    tools

    Weaviate

    Build AI retrieval systems with semantic search, hybrid search, RAG, and cloud-native deployment.

    Review firstSource-backedReview firstAdded 16d ago
    Safety Privacy
    Why it made the cut

    Weaviate is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  4. 04
    tools

    Open WebUI

    Self-hosted AI web UI for Ollama and OpenAI-compatible APIs with RAG, tools, model builder, web search, vector databases, plugins, and enterprise auth.

    Review firstSource-backedReview firstAdded 21h ago
    Safety Privacy
    Why it made the cut

    Open WebUI is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  5. 05
    tools

    LanceDB

    Store multimodal data and run vector, full-text, and SQL retrieval for AI applications.

    Review firstSource-backedReview firstAdded 16d ago
    Safety Privacy
    Why it made the cut

    LanceDB is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  6. 06
    tools

    Haystack

    Build agents, RAG pipelines, search, retrieval, and tool-using LLM apps.

    Review firstSource-backedReview firstAdded 16d ago
    Safety Privacy
    Why it made the cut

    Haystack is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  7. 07
    tools

    LlamaIndex

    Build agents, RAG pipelines, retrieval, indexing, and data-aware LLM apps.

    Review firstSource-backedReview firstAdded 16d ago
    Safety Privacy
    Why it made the cut

    LlamaIndex is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  8. 08
    tools

    Ragas

    Open-source evaluation framework for RAG and LLM application testing.

    Review firstSource-backedReview firstAdded 16d ago
    Safety Privacy
    Why it made the cut

    Ragas is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  9. 09
    tools

    RAGFlow

    RAGFlow is a self-hostable RAG engine and context layer with DeepDoc parsing, visual chunking, grounded citations, agent workflows, MCP, and Docker.

    Review firstSource-backedReview firstAdded 21h ago
    Safety Privacy
    Why it made the cut

    RAGFlow is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  10. 10
    tools

    AG2 Agent Framework

    Build Python multi-agent systems with AG2, the open-source AgentOS evolved from AutoGen, including conversable agents, group chats, swarms, tools, human review, RAG, and code execution.

    Review firstSource-backedReview firstAdded 21h ago
    Safety Privacy
    Why it made the cut

    AG2 Agent Framework is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  11. 11
    tools

    AnythingLLM

    Run a local-first AI workspace with document chat, RAG, agents, MCP-compatible tools, model routing, memories, scheduled tasks, and Docker self-hosting.

    Review firstSource-backedReview firstAdded 21h ago
    Safety Privacy
    Why it made the cut

    AnythingLLM is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  12. 12
    tools

    CAMEL-AI CAMEL

    Python multi-agent framework for agent societies, ChatAgent workflows, RAG, tool use, MCP examples, data generation, and large-scale agent research.

    Review firstSource-backedReview firstAdded 21h ago
    Safety Privacy
    Why it made the cut

    CAMEL-AI CAMEL is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

Missing a pick? Propose an edit to this list — every change goes through the same review queue as new entries.

Suggest a pick
Weekly · Sundays

Get the weekly brief

One calm read on Claude workflows. Sundays. No tracking pixels.

Unsubscribe any time. No tracking pixels. No partner blasts.