ChromaDB Python FastAPI unauthenticated RCE (CVE-2026-45829)
Vulnerability
Summary
A max-severity flaw in ChromaDB's Python FastAPI server lets unauthenticated attackers run arbitrary code on exposed servers, so internet-facing deployments are open to full takeover. The issue is tracked as CVE-2026-45829 and was reported to ChromaDB by HiddenLayer on February 17. The vulnerable API path is reachable before authentication is enforced, so a single crafted request can trigger code execution without any credentials. Deployments that are kept local or that use the Rust frontend are not affected; publicly exposed Python deployments remain at risk until a fix is confirmed.
Related Happenings
ChromaDB Python API exposure mitigation (CVE-2026-45829)
Advisory/Mitigation
First: 20.05.2026 01:25
Last: 20.05.2026 01:25
Sources 1
How related:
Until a patched ChromaDB release is confirmed, impacted users are advised to run the Rust frontend for their deployments or to avoid exposing the Python server publicly. A further mitigation is to restrict network access to the ChromaDB API port so that only trusted clients can reach it.
About this happening:
**HiddenLayer** urged **ChromaDB** users to harden exposed deployments because **CVE-2026-45829** can still enable code execution on the **Python FastAPI** server. Until patch sta...
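As an added example (not code from the advisory, HiddenLayer, or the Chroma project), the probe below checks whether a ChromaDB Python server answers its heartbeat endpoint with no credentials from wherever it is run. Run it from a host that should not be allowed to reach the server: a 200 means the API port is reachable before any authentication, which is exactly the exposure the network restriction above is meant to remove. The endpoint paths `/api/v2/heartbeat` and `/api/v1/heartbeat`, the default port 8000, and the built-in stand-in server used for the offline demo are assumptions about Chroma's HTTP API, not details stated on this page.

```python
"""Exposure probe for a ChromaDB Python (FastAPI) server.

Added example, not part of the advisory or of the Chroma project. A server
that answers the heartbeat without credentials on a non-loopback address is
reachable before authentication; with CVE-2026-45829 unpatched, that is the
precondition for unauthenticated code execution.
"""
import http.client
import json
import socket
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

# Assumed Chroma HTTP API paths (newer v2 first, then legacy v1) and default port.
HEARTBEAT_PATHS = ("/api/v2/heartbeat", "/api/v1/heartbeat")
DEFAULT_PORT = 8000


def probe_heartbeat(host, port=DEFAULT_PORT, timeout=3.0):
    """Probe one host:port. Returns a dict with:
    reachable        - a TCP connection to the port succeeded
    unauthenticated  - a heartbeat path answered 200 with no credentials sent
    path             - which heartbeat path answered, or None
    """
    result = {"host": host, "port": port, "reachable": False,
              "unauthenticated": False, "path": None}
    try:
        with socket.create_connection((host, port), timeout=timeout):
            result["reachable"] = True
    except OSError:
        return result  # port filtered or closed: network restriction is in place

    for path in HEARTBEAT_PATHS:
        conn = http.client.HTTPConnection(host, port, timeout=timeout)
        try:
            conn.request("GET", path)  # deliberately no Authorization header
            resp = conn.getresponse()
            resp.read()
            if resp.status == 200:
                result["unauthenticated"] = True
                result["path"] = path
                break
        except (OSError, http.client.HTTPException):
            continue
        finally:
            conn.close()
    return result


class _FakeChroma(BaseHTTPRequestHandler):
    """Constructed stand-in for an exposed, unauthenticated Chroma server (demo only)."""

    def do_GET(self):
        if self.path in HEARTBEAT_PATHS:
            body = json.dumps({"nanosecond heartbeat": 1}).encode()  # constructed body
            self.send_response(200)
            self.send_header("Content-Type", "application/json")
            self.send_header("Content-Length", str(len(body)))
            self.end_headers()
            self.wfile.write(body)
        else:
            self.send_response(404)
            self.send_header("Content-Length", "0")
            self.end_headers()

    def log_message(self, *args):
        pass  # keep the demo quiet


def demo():
    """Start the stand-in on an ephemeral loopback port and probe it."""
    server = ThreadingHTTPServer(("127.0.0.1", 0), _FakeChroma)
    port = server.server_address[1]
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        return probe_heartbeat("127.0.0.1", port)
    finally:
        server.shutdown()
        server.server_close()


def closed_port_probe():
    """Probe a port that nothing is listening on: the 'restricted' outcome."""
    with socket.socket() as s:
        s.bind(("127.0.0.1", 0))
        port = s.getsockname()[1]
    return probe_heartbeat("127.0.0.1", port, timeout=1.0)


if __name__ == "__main__":
    print("exposed stand-in:", demo())
    print("closed port     :", closed_port_probe())
```

In a real check, replace the loopback stand-in with the public address of the deployment and run the probe from a network segment that should be blocked; any `unauthenticated: True` result from such a segment means the mitigation has not been applied.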
Timeline
20.05.2026 01:25 · 2 articles
HiddenLayer reports CVE-2026-45829 in ChromaDB Python FastAPI server
Initial Disclosure: HiddenLayer reports CVE-2026-45829 to ChromaDB on February 17, describing a max-severity flaw in the Python FastAPI server. Crafted requests from an unauthenticated attacker make an exposed server load a malicious Hugging Face model and execute arbitrary code before authentication is checked. Local deployments without public API exposure and deployments using the Rust frontend are not affected.
Sources
- Max-severity flaw in ChromaDB for AI apps allows server hijacking — www.bleepingcomputer.com — 20.05.2026 01:25