CRITICAL🇵🇱 Wersja polska

CVE-2026-45829

CVSS 10.0v4.0pub. 2026-05-18upd. 2026-06-27

A pre-authentication, code injection vulnerability in version 1.0.0 or later of the ChromaDB Python project allows an unauthenticated attacker to run arbitrary code on the server by sending a malicious model repository and trust_remote_code set to true in the /api/v2/tenants/{tenant}/databases/{db}/collections endpoint.

🤖 AI Analysis
How it works

The attacker sends a crafted HTTP request to the endpoint /api/v2/tenants/{tenant}/databases/{db}/collections, providing a malicious model repository along with the trust_remote_code parameter set to true. ChromaDB loads and executes code contained in the external model repository without verifying the identity of the caller. As a result, any code supplied by the attacker is executed in the context of the server process.

Impact

An unauthenticated attacker gains the ability to execute arbitrary code on the server (RCE), which can lead to complete system compromise, data theft, and further lateral movement in the infrastructure.

Mitigation & patch

Patches available from the vendor should be applied according to the references. Until the fix is deployed, it is recommended to restrict network access to ChromaDB instances only to trusted hosts and monitor requests directed to the /api/v2/tenants/{tenant}/databases/{db}/collections endpoint for the presence of the trust_remote_code parameter.

Who is affected

ChromaDB Python project in version 1.0.0 and later

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth BypassDeserialization
CWE
References