CVE-2026-45831
Published 2026-06-12
Priority P3 · 54 · High · CVSS 3.1 8.8
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS 0.24% (14.6th percentile)
The SimpleRBACAuthorizationProvider authorization provider in versions 0.5.0 or later of the ChromaDB Python project evaluates whether a user holds a given permission but never checks which tenant, database, or collection that permission applies to, allowing authenticated users to perform cross-tenant actions.
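As an added illustration of the flaw class described above (this is not ChromaDB's code; the class names, the `get_collection` action and the grant structure are assumptions made for the example), the following Python contrasts an authorization check that only tests whether the user holds a permission with one that also requires the grant's scope to contain the target tenant, database and collection. Under the unscoped check a user granted a permission in `tenant_a` is authorized to use it in `tenant_b`; the scoped check denies that.

```python
from __future__ import annotations
from dataclasses import dataclass, field

# Constructed example modelled on the advisory text: permission checked, scope
# ignored. Names and structures are illustrative assumptions, not ChromaDB's API.


@dataclass(frozen=True)
class Scope:
    """Target of an action. None at a level means 'any' at that level."""
    tenant: str
    database: str | None = None
    collection: str | None = None


@dataclass(frozen=True)
class Grant:
    permission: str
    scope: Scope


@dataclass
class User:
    name: str
    grants: list[Grant] = field(default_factory=list)


@dataclass(frozen=True)
class AuthzRequest:
    user: User
    action: str
    scope: Scope


def scope_contains(granted: Scope, target: Scope) -> bool:
    """True if a grant at `granted` covers the resource at `target`.

    A tenant-level grant covers every database/collection in that tenant; a
    database-level grant covers every collection in that database. A grant that
    pins a level down does not cover a target that is broader than that level
    (e.g. a database-scoped grant does not authorize a tenant-wide action).
    """
    if granted.tenant != target.tenant:
        return False
    if granted.database is not None and granted.database != target.database:
        return False
    if granted.collection is not None and granted.collection != target.collection:
        return False
    return True


class UnscopedRBACProvider:
    """Vulnerable shape: asks only 'does this user hold the permission anywhere?'"""

    def authorize(self, req: AuthzRequest) -> bool:
        return any(g.permission == req.action for g in req.user.grants)


class ScopedRBACProvider:
    """Hardened shape: the permission must be granted for a scope containing the target."""

    def authorize(self, req: AuthzRequest) -> bool:
        return any(
            g.permission == req.action and scope_contains(g.scope, req.scope)
            for g in req.user.grants
        )


def demo() -> dict[str, bool]:
    """Constructed scenario: alice may read collections in tenant_a/db1 only."""
    alice = User("alice", [Grant("get_collection", Scope("tenant_a", "db1"))])
    own = AuthzRequest(alice, "get_collection", Scope("tenant_a", "db1", "docs"))
    other_tenant = AuthzRequest(alice, "get_collection", Scope("tenant_b", "db1", "docs"))
    unscoped, scoped = UnscopedRBACProvider(), ScopedRBACProvider()
    return {
        "unscoped_own": unscoped.authorize(own),
        "unscoped_cross_tenant": unscoped.authorize(other_tenant),  # True: the flaw
        "scoped_own": scoped.authorize(own),
        "scoped_cross_tenant": scoped.authorize(other_tenant),      # False
    }


if __name__ == "__main__":
    for check, allowed in demo().items():
        print(f"{check}: {'ALLOW' if allowed else 'DENY'}")
```

The point of the scoped variant is that the grant carries its scope and the request carries its target, so the authorizer compares the two on every call; a provider that stores permissions as a flat set of names has nothing to compare against and will behave like `UnscopedRBACProvider` regardless of how carefully roles are assigned.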
Affected (7 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chroma | chromadb | 0.5.0 – * | — |
| rhelai3 | bootc-cuda-rhel9 | — | — |
| rhelai3 | bootc-gaudi-rhel9 | — | — |
| rhelai3 | bootc-rocm-rhel9 | — | — |
| rhelai3 | disk-image-cuda-rhel9 | — | — |
| rhoai | odh-autorag-rhel9 | — | — |
| trychroma | chromadb | 0.5.0 – 1.5.9 | — |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | 3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| NVD | 4.0 | 8.8 | HIGH | CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N |
| Red Hat (vendor) | — | 8.8 | HIGH | — |
Red Hat
CVE-2026-45831 [HIGH] CWE-1220 · ChromaDB: Unauthorized cross-tenant actions due to improper authorization checks
vendor_redhat · 2026-06-12 · CVSS 8.8
A flaw was found in the SimpleRBACAuthorizationProvider authorization provider in the ChromaDB Python project. This vulnerability allows an authenticated user to perform actions across different tenants, databases, or collections without proper authorization. The provider incorrectly evaluates user permissions without verifying the specific scope (tenant, database, or collection) to which those permissions
VulDB
CVE-2026-45831 [HIGH] Chroma ChromaDB up to 0.5.0 authorization
vuldb · 2026-06-12 · CVSS 8.8
A vulnerability marked as critical has been reported in Chroma ChromaDB up to 0.5.0. The impacted element is an unknown function. The manipulation leads to incorrect authorization.
This vulnerability is traded as CVE-2026-45831. It is possible to initiate the attack remotely. There is no exploit available.
GHSA
CVE-2026-45831 [HIGH] CWE-863
ghsa_unreviewed · 2026-06-12
The SimpleRBACAuthorizationProvider authorization provider in versions 0.5.0 or later of the ChromaDB Python project evaluates whether a user holds a given permission but never checks which tenant, database, or collection that permission applies to, allowing users to perform cross-tenant actions.
No detection rules found.
No public exploits indexed.