HarborGuard Database

CVE-2026-45831
Severity: HIGH
CNA: HiddenLayer

The SimpleRBACAuthorizationProvider authorization provider in versions 0.5.0 or later of the ChromaDB Python project evaluates whether a user holds a given permission but never checks which tenant, database, or collection that permission applies to, allowing users to perform cross-tenant actions.

Metrics

  • CVSS v4.0: 8.8
  • Severity: HIGH
  • Fixed in: no fix version published yet
  • Affected Products: 1


HarborGuard Analysis

Synopsis

An authorization-logic flaw in the SimpleRBACAuthorizationProvider component of ChromaDB (versions 0.5.0 and later) allows an authenticated low-privilege user to bypass tenant, database, and collection boundaries. The vulnerability is reachable over the network and requires only a valid low-privilege account; no victim interaction is needed. Successful exploitation lets an attacker read or modify data belonging to other tenants or collections they have no legitimate access to. No fix version has been published yet; HarborGuard tracks the advisory and will surface a patched-image rebuild the moment upstream ships one.
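The flaw described above is a permission check that answers "does this user hold the permission anywhere?" without ever comparing the grant's scope against the tenant, database, and collection the request targets. The following is an added illustration, not ChromaDB code and not HarborGuard's: a constructed RBAC policy with a scope-blind authorizer beside a scope-bound one, plus a small regression helper that lists the requests the blind check would allow and the scoped check denies. All role, user, tenant and action names are made up for the example.

```python
"""Hypothetical RBAC authorizer: a permission check that ignores resource scope,
beside one that binds every grant to a tenant/database/collection.
Constructed example; not ChromaDB's implementation."""

from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional, Set, Tuple


@dataclass(frozen=True)
class Resource:
    """What a request targets. database/collection are None when the request
    addresses the tenant or database itself."""
    tenant: str
    database: Optional[str] = None
    collection: Optional[str] = None


@dataclass(frozen=True)
class Scope:
    """Where a grant applies. A None field is a wildcard *within* the parent
    level: Scope('tenant-a') covers every database and collection of tenant-a
    and nothing outside it. There is deliberately no tenant-level wildcard."""
    tenant: str
    database: Optional[str] = None
    collection: Optional[str] = None

    def covers(self, resource: Resource) -> bool:
        # Fail closed on a missing or foreign tenant, then narrow level by level.
        if not resource.tenant or resource.tenant != self.tenant:
            return False
        if self.database is not None and resource.database != self.database:
            return False
        if self.collection is not None and resource.collection != self.collection:
            return False
        return True


# Constructed sample policy: role -> actions the role permits.
ROLES: Dict[str, Set[str]] = {
    "reader": {"collection:get", "collection:query"},
    "writer": {"collection:get", "collection:query", "collection:add", "collection:delete"},
}

# Constructed sample users: user -> (role, scope) assignments.
USERS: Dict[str, List[Tuple[str, Scope]]] = {
    "alice": [("writer", Scope("tenant-a"))],
    "bob": [("reader", Scope("tenant-b", "db-main"))],
    "carol": [("reader", Scope("tenant-a", "db-main", "public-docs")),
              ("writer", Scope("tenant-c"))],
}


def authorize_unscoped(user: str, action: str, resource: Resource) -> bool:
    """The flawed pattern the advisory describes: only asks whether the user
    holds the action through some role; the resource is never consulted."""
    return any(action in ROLES[role] for role, _scope in USERS.get(user, []))


def authorize_scoped(user: str, action: str, resource: Resource) -> bool:
    """Hardened check: the action must come from an assignment whose scope
    covers the requested tenant/database/collection."""
    return any(action in ROLES[role] and scope.covers(resource)
               for role, scope in USERS.get(user, []))


def cross_scope_escapes(
    requests: Iterable[Tuple[str, str, Resource]],
) -> List[Tuple[str, str, Resource]]:
    """Regression helper: requests the unscoped check allows but the scoped
    check denies, i.e. exactly the cross-tenant actions at issue."""
    return [(u, a, r) for u, a, r in requests
            if authorize_unscoped(u, a, r) and not authorize_scoped(u, a, r)]


if __name__ == "__main__":
    sample = [
        ("alice", "collection:add", Resource("tenant-a", "db-main", "notes")),
        ("alice", "collection:delete", Resource("tenant-b", "db-main", "invoices")),
        ("bob", "collection:query", Resource("tenant-b", "db-main", "invoices")),
        ("bob", "collection:query", Resource("tenant-b", "db-archive", "old")),
        ("carol", "collection:get", Resource("tenant-a", "db-main", "public-docs")),
        ("carol", "collection:add", Resource("tenant-a", "db-main", "public-docs")),
    ]
    for user, action, res in cross_scope_escapes(sample):
        print(f"scope-blind check would allow {user} {action} on {res}")
```

Run stand-alone, the script lists the three requests that only the scope-blind authorizer accepts: alice deleting in tenant-b, bob querying outside the database his role was granted on, and carol using her tenant-c writer role against a tenant-a collection. The design point is that `Scope.covers` is evaluated per assignment, so a permission held under one tenant never leaks into another, and a request with an unknown tenant is denied rather than falling through.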

HarborGuard Coverage

Detection: Available

Detection of CVE-2026-45831 is available across every HarborGuard environment, with the CVE matched against customer images within minutes of ingestion from upstream advisory feeds, including custom-built images that bundle ChromaDB. Coverage extends to all registry types and CI pipeline stages connected to a customer account.

Triage: Available

Triage is available with CVSS v4.0 scoring at 8.8 (HIGH), surfaced alongside each customer org's compliance policy weighting to prioritize the finding appropriately. Routing to the correct team inbox within each customer org is part of the standard triage flow.

Patch: Pending upstream

Because no upstream fix version has been published for CVE-2026-45831, HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available automatically the moment the ChromaDB project ships a corrected release. Customers with auto-remediation enabled will receive the rebuild, a regression-test run, and a PR opened against affected workloads without manual intervention once that fix lands.

Exploit Conditions

  • Network reachability: Required

    The attacker must reach the ChromaDB service over the network; the CVSS vector specifies AV:N, meaning no local or physical access is involved.

  • Authentication: Required

    A low-privilege account is sufficient; the CVSS vector specifies PR:L, so any valid ChromaDB user credential meets the bar.

  • Victim interaction: Not required

    No action is needed from another user or administrator; the CVSS vector specifies UI:N.

  • Attack complexity: Detail

    Base exploit conditions are straightforward (AC:L), though the CVSS vector notes AT:P, meaning a specific deployment configuration or timing condition must be present for the attack to succeed reliably.

Blast Radius

  • An attacker reads collection contents, embeddings, and metadata belonging to other tenants they have no legitimate access to (VC:H).
  • An attacker writes to, overwrites, or deletes records and collections owned by other tenants or databases (VI:H, SI:H).
  • Cross-scope permission abuse extends to system-level collection and database resources beyond the attacker's own tenant boundary (SC:H).
  • Service availability for the affected component is not directly impacted by this vulnerability (VA:N, SA:N).

How HarborGuard Handles This

Available on HarborGuard: because no upstream fix for CVE-2026-45831 exists at this time, HarborGuard continuously re-evaluates the advisory on every ingest cycle and will surface a patched-image rebuild the moment ChromaDB publishes a corrected release. For customers who opt into auto-remediation, that rebuild will trigger a regression-test run and a PR opened against affected workloads automatically. In the meantime, compensating controls worth evaluating include network-policy isolation to restrict which services can reach ChromaDB endpoints, egress filtering to limit lateral movement from a compromised session, and feature-flag or configuration gating to disable multi-tenant access paths where the application design permits. HarborGuard will push a new finding update to affected image matches as soon as upstream advisory status changes.

Affected packages

  • Chroma / ChromaDB: ≤ *

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N