ctipilot.ch

Home · Live brief · Weekly 2026-W21

CVE-2026-45829 — ChromaDB Python server: pre-auth RCE before the auth check, still unpatched

notable vulnerability discovered 2026-05-18 05:00 UTC single-source

Part of run 2026-W21-473d6fa5 (weekly · Claude Opus 4.7)

HiddenLayer / Hadrian researchers disclosed a CVSS 10.0 pre-authentication RCE in ChromaDB's Python FastAPI server (affected from v1.0.0): the embedding-function model is loaded before the authentication check runs, so an unauthenticated request reaches code execution "before it asks who you are." A public PoC exists, and the issue remains unpatched as of v1.5.9. ChromaDB is a common vector-store backend for retrieval-augmented-generation stacks now appearing in public-sector AI pilots, so any internet-reachable instance is exposed. Take ChromaDB off the public internet and front it with an authenticating reverse proxy until a fix ships.
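The interim mitigation above, as an added example that is not from the brief or the ChromaDB project: an nginx front end that demands credentials before any request is forwarded, with ChromaDB bound to loopback only. The hostname, certificate paths, htpasswd file and the upstream port 8000 (the server's default) are assumptions to adjust for your deployment.

```nginx
# Added example: authenticating reverse proxy in front of a ChromaDB server.
# Assumptions: ChromaDB listens only on 127.0.0.1:8000, nginx terminates TLS,
# and /etc/nginx/chroma.htpasswd was created with htpasswd (placeholder paths).
server {
    listen 443 ssl;
    server_name chroma.example.internal;               # placeholder hostname

    ssl_certificate     /etc/nginx/certs/chroma.crt;   # placeholder paths
    ssl_certificate_key /etc/nginx/certs/chroma.key;

    # A single catch-all location with no unauthenticated exceptions: the
    # upstream's pre-auth code path is never reachable by an anonymous client.
    location / {
        auth_basic           "ChromaDB";
        auth_basic_user_file /etc/nginx/chroma.htpasswd;

        proxy_pass         http://127.0.0.1:8000;
        proxy_set_header   Host              $host;
        proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Proto https;
    }
}

# Redirect plain HTTP to TLS so credentials are never sent in the clear.
server {
    listen 80;
    server_name chroma.example.internal;
    return 301 https://$host$request_uri;
}
```

Basic auth occupies the Authorization header; if the upstream also expects its own token in that header, switch the proxy to a separate check such as nginx's auth_request against an identity-aware service. Verify the ChromaDB process itself is bound to 127.0.0.1 and not 0.0.0.0, otherwise the proxy can be bypassed.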

vulnerabilities rce pre-auth no-patch poc-public ai-abuse global CVE-2026-45829