Unpatched ChromaDB flaw leaves servers open to remote code execution
Source: Csoonline
Published:
<p>Researchers have published details a critical vulnerability in ChromaDB that could allow unauthenticated attackers to execute arbitrary code and access sensitive data on machines running the open-source vector database.</p> <p>The issue, tracked as CVE-2026-45829, is located in ChromaDB’s API ser