PatchSiren cyber security CVE debrief
CVE-2026-45833 Chroma CVE debrief
CVE-2026-45833 is a critical code injection vulnerability in the ChromaDB Python project, affecting versions 0.4.17 and later. An authenticated attacker holding the UPDATE_COLLECTION permission can exploit it through the /api/v2/tenants/default_tenant/databases/default_database/collections/{collection_id} endpoint: an update request that points the collection at a malicious model repository and sets trust_remote_code to true causes the server to load and execute code from that repository, giving the attacker arbitrary code execution on the server.
- Vendor: Chroma
- Product: ChromaDB
- CVSS: CRITICAL 9.4
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-12
- Original CVE updated: 2026-06-12
- Advisory published: 2026-06-12
- Advisory updated: 2026-06-12
Who should care
Anyone running the ChromaDB Python project at version 0.4.17 or later with the HTTP API reachable by authenticated users. Exposure is highest where UPDATE_COLLECTION is granted to accounts that are not fully trusted, for example shared or multi-tenant deployments, because that single permission is all an attacker needs.
Technical summary
The vulnerability carries a CVSS score of 9.4 and is classified as CRITICAL. It is exploitable over the network with low attack complexity and low privileges: the only prerequisite is an authenticated account that holds UPDATE_COLLECTION. The injection vector is the collection's model configuration, which the update endpoint accepts from the client. A model repository chosen by the attacker, combined with trust_remote_code set to true, makes the server execute repository-supplied code when it loads the model, so the impact is arbitrary code execution as the ChromaDB server process.
Defensive priority
High
Recommended defensive actions
- Update to a patched ChromaDB release as soon as the vendor publishes one; the stored evidence does not name a fixed version, so confirm against the CVE record and the project's release notes.
- Restrict UPDATE_COLLECTION to the smallest set of users who need it, and review who currently holds it.
- Monitor update requests to the /api/v2/tenants/default_tenant/databases/default_database/collections/{collection_id} endpoint (and the same path under other tenants and databases) for bodies that change the model repository or set trust_remote_code to true; on the host, watch for unexpected model downloads and new child processes of the ChromaDB service.
- Do not let collection configuration supplied through the API enable trust_remote_code. Keep it false wherever the model loader is under your control, restrict the model repositories the server may load to a known allowlist, and limit outbound network access from the ChromaDB host so it cannot fetch arbitrary repositories.
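One way to apply the monitoring and trust_remote_code controls above, as an added example in Python that is not Chroma's own code: a single scan routine used both as an admission check in front of the update-collection endpoint (for a reverse proxy or middleware) and as a review pass over request logs. The body layout (new_configuration.embedding_function.config with model_name and trust_remote_code), the PUT/PATCH methods, the allowlist contents and the log lines are all assumptions constructed for the example; adapt the key names to the version you run.

```python
import json
import re
from dataclasses import dataclass

# Update-collection endpoint from the advisory. Tenant, database and collection
# id are matched generically so non-default tenants are covered as well.
ENDPOINT_RE = re.compile(
    r"^/api/v2/tenants/[^/]+/databases/[^/]+/collections/[^/]+$"
)

# Assumption: the model repositories this deployment legitimately uses.
ALLOWED_MODELS = {"sentence-transformers/all-MiniLM-L6-v2"}

# Assumption: keys under which a model reference may appear in a request body.
MODEL_KEYS = {"model_name", "model", "repo_id"}


@dataclass(frozen=True)
class Finding:
    reason: str
    path: str  # dotted path to the offending key inside the JSON body


def _walk(obj, path=""):
    """Yield (path, key, value) for every key in a nested JSON structure."""
    if isinstance(obj, dict):
        for key, value in obj.items():
            here = f"{path}.{key}" if path else key
            yield here, key, value
            yield from _walk(value, here)
    elif isinstance(obj, list):
        for i, value in enumerate(obj):
            yield from _walk(value, f"{path}[{i}]")


def _is_true(value) -> bool:
    """Treat both JSON true and the string "true" as enabling the flag."""
    return value is True or (isinstance(value, str) and value.lower() == "true")


def scan_update_body(body) -> list:
    """Flag the two ingredients of the attack wherever they appear in the body.

    trust_remote_code=true is flagged regardless of the model, because the
    repository can be changed in a later request; a model outside the
    allowlist is flagged on its own, since that is already a policy violation.
    """
    findings = []
    for path, key, value in _walk(body):
        if key == "trust_remote_code" and _is_true(value):
            findings.append(Finding("trust_remote_code enabled", path))
        elif key in MODEL_KEYS and isinstance(value, str) and value not in ALLOWED_MODELS:
            findings.append(Finding(f"model not on allowlist: {value}", path))
    return findings


def is_update_collection_request(method: str, path: str) -> bool:
    """Assumption: collection updates arrive as PUT or PATCH on the resource."""
    return method.upper() in ("PUT", "PATCH") and ENDPOINT_RE.match(path) is not None


def admit_update(method: str, path: str, raw_body: str) -> bool:
    """Admission hook for a proxy or middleware: True means let it through."""
    if not is_update_collection_request(method, path):
        return True
    try:
        body = json.loads(raw_body)
    except json.JSONDecodeError:
        return False  # fail closed on a body the check cannot inspect
    return not scan_update_body(body)


def review_log(lines) -> list:
    """Scan JSON-lines request logs; return (line_no, user, findings) hits."""
    hits = []
    for n, line in enumerate(lines, 1):
        rec = json.loads(line)
        if not is_update_collection_request(rec["method"], rec["path"]):
            continue
        findings = scan_update_body(rec.get("body", {}))
        if findings:
            hits.append((n, rec.get("user", "?"), findings))
    return hits


# Constructed sample log, not real traffic: a benign rename, an attack-shaped
# update, and an unrelated add request that the endpoint filter must skip.
SAMPLE_LOG = [
    '{"method":"PUT","path":"/api/v2/tenants/default_tenant/databases/default_database/collections/9f1c2b3a","user":"alice","body":{"new_name":"docs-v2"}}',
    '{"method":"PUT","path":"/api/v2/tenants/default_tenant/databases/default_database/collections/9f1c2b3a","user":"mallory","body":{"new_configuration":{"embedding_function":{"name":"huggingface","config":{"model_name":"example-org/untrusted-model","trust_remote_code":true}}}}}',
    '{"method":"POST","path":"/api/v2/tenants/default_tenant/databases/default_database/collections/9f1c2b3a/add","user":"mallory","body":{"documents":["hello"]}}',
]

if __name__ == "__main__":
    for n, user, findings in review_log(SAMPLE_LOG):
        for f in findings:
            print(f"line {n} user={user}: {f.reason} at {f.path}")
```

The check walks the whole body rather than one fixed key path, so a renamed or nested configuration block still trips it, and it fails closed on bodies it cannot parse. It complements a vendor fix rather than replacing it: a proxy-side filter cannot see requests that bypass the proxy, so the allowlist and trust_remote_code policy should also be enforced where the model is actually loaded.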
Evidence notes
The stored evidence for this vulnerability in the ChromaDB Python project comes from Hiddenlayer.
Official resources
- CVE-2026-45833 CVE record (CVE.org)
- CVE-2026-45833 NVD detail (NVD)
- Source item URL: nvd_modified
- Source reference: 6f8de1f0-f67e-45a6-b68f-98777fdb759c
CVE-2026-45833 was published on 2026-06-12T16:16:29.070Z and modified on 2026-06-12T17:16:23.473Z.