CVE-2026-45832
Published 2026-06-12
Priority P3 54 · Severity high · CVSS 3.1 base score 8.8
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.28% (20.1th percentile)
All V1 collection-level endpoints in ChromaDB's Python project pass None for the tenant and database to the authorization layer, allowing attackers to bypass authorization controls by using the V1 endpoints.
Affected (7 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chroma | chromadb | 0.5.0 – * | — |
| rhelai3 | bootc-cuda-rhel9 | — | — |
| rhelai3 | bootc-gaudi-rhel9 | — | — |
| rhelai3 | bootc-rocm-rhel9 | — | — |
| rhelai3 | disk-image-cuda-rhel9 | — | — |
| rhoai | odh-autorag-rhel9 | — | — |
| trychroma | chromadb | 0.5.0 – 1.5.9 | — |
CVSS provenance

| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| nvd | v4.0 | 8.8 | HIGH | CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| vendor_redhat | — | 8.8 | HIGH | — |
Red Hat
vendor_redhat · 2026-06-12 · CVSS 8.8
CVE-2026-45832 [HIGH] CWE-551 chromadb: ChromaDB: Authorization bypass in V1 collection-level endpoints
A flaw was found in ChromaDB. All V1 collection-level endpoints in the Python project pass null values for tenant and database to the authorization layer. This allows a remote attacker to bypass authorization controls by utilizing these V1 endpoints. The primary consequence is unauthorized access, potentially leading to high impact on confidentiality and integrity of data.
Statement: This flaw is a post-authentication tenant-isolation bypass on ChromaDB’s V1 API — it does not grant unauthenticated access and d
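As an added illustration (not ChromaDB's code; the names, the collection registry and the scope model are hypothetical), the following Python models the pattern the Red Hat description gives: a collection-level handler that hands None for tenant and database to an authorization check that treats a missing scope as "nothing to compare", beside the fail-closed check and the scope-resolving handler that close the gap.

```python
from dataclasses import dataclass, field
from typing import Callable, Optional, Set, Tuple

Scope = Tuple[str, str]  # (tenant, database)
Check = Callable[["Principal", Optional[str], Optional[str]], bool]


@dataclass
class Principal:
    """An authenticated caller and the (tenant, database) pairs it may use."""
    name: str
    scopes: Set[Scope] = field(default_factory=set)


# Constructed registry standing in for server collection metadata:
# collection id -> owning (tenant, database). Hypothetical values.
COLLECTIONS = {
    "coll-a": ("tenant-a", "db-a"),
    "coll-b": ("tenant-b", "db-b"),
}


def authorize_vulnerable(p: Principal, tenant: Optional[str], database: Optional[str]) -> bool:
    """Fail-open check: None for tenant/database is treated as 'nothing to
    compare', so any authenticated principal passes (the bug class, CWE-639)."""
    if tenant is None or database is None:
        return True
    return (tenant, database) in p.scopes


def authorize_fixed(p: Principal, tenant: Optional[str], database: Optional[str]) -> bool:
    """Fail-closed check: an unresolved scope is denied, never skipped."""
    if tenant is None or database is None:
        return False
    return (tenant, database) in p.scopes


def v1_collection_access(p: Principal, collection_id: str, check: Check) -> bool:
    """Models a V1 collection-level endpoint: the owning tenant/database is
    never resolved, so the authorization layer receives None, None."""
    return check(p, None, None)


def v2_collection_access(p: Principal, collection_id: str, check: Check) -> bool:
    """Hardened endpoint: resolve the collection's owner first and authorize
    against that scope; an unknown collection is denied outright."""
    owner = COLLECTIONS.get(collection_id)
    if owner is None:
        return False
    return check(p, *owner)
```

Either fix alone closes the cross-tenant path shown here, but a practitioner should apply both: resolve scope at the endpoint and make the authorization layer deny on a missing scope.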
GHSA
ghsa_unreviewed · 2026-06-12
CVE-2026-45832 [HIGH] CWE-639
All V1 collection-level endpoints in ChromaDB's Python project pass None for the tenant and database to the authorization layer, allowing attackers to bypass authorization controls by using the V1 endpoints.
VulDB
vuldb · 2026-06-12 · CVSS 8.8
CVE-2026-45832 [HIGH] Chroma ChromaDB up to 0.5.0 V1 Endpoint authorization
A vulnerability described as critical has been identified in Chroma ChromaDB up to 0.5.0. This affects an unknown function of the component V1 Endpoint. The manipulation results in authorization bypass.
This vulnerability is known as CVE-2026-45832. It is possible to launch the attack remotely. No exploit is available.
No detection rules found.
No public exploits indexed.
Published: 2026-06-12