CVE-2026-45829 | Chroma ChromaDB up to 1.0.0 Model collections code injection (ID 6717)

A vulnerability described as critical has been identified in Chroma ChromaDB up to 1.0.0. This vulnerability affects unknown code of the file the /api/v2/tenants/{tenant}/databases/{db}/collections of the component Model Handler. The manipulation results in code injection.

This vulnerability was named CVE-2026-45829. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More