Critical ChromaDB Flaw Exposes AI Vector Databases to Remote Code Execution
Over Security - Cybersecurity news aggregator [Unofficial]
May 20, 2026
ChromaDB FastAPI vulnerability CVE-2026-45829 (ChromaToast) enables pre-auth RCE via HuggingFace models; affects v1.0.0–1.5.8; high exposure risk now.
Discussion in the ATmosphere