ChromaDB 0.5.0 V1 Endpoints Auth Bypass Passing None Tenant
CVE-2026-45832 Published on June 12, 2026

All V1 collection-level endpoints in ChromaDB's Python project pass None for the tenant and database to the authorization layer, allowing attackers to bypass authorization controls by using the V1 endpoints.

NVD

Vulnerability Analysis

CVE-2026-45832 is exploitable with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality and integrity, and no impact on availability.

Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
LOW
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
NONE

Weakness Types

What is an Insecure Direct Object Reference / IDOR Vulnerability?

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

CVE-2026-45832 has been classified to as an Insecure Direct Object Reference / IDOR vulnerability or weakness.

Incorrect Behavior Order: Authorization Before Parsing and Canonicalization

If a web server does not fully parse requested URLs before it examines them for authorization, it may be possible for an attacker to bypass authorization protection. For instance, the character strings /./ and / both mean current directory. If /SomeDirectory is a protected directory and an attacker requests /./SomeDirectory, the attacker may be able to gain access to the resource if /./ is not converted to / before the authorization check is performed.


Products Associated with CVE-2026-45832

stack.watch emails you whenever new vulnerabilities are published in Red Hat Enterprise Linux Ai or Red Hat Openshift Ai. Just hit a watch button to start following.

Red Hat Enterprise Linux Ai
 
Red Hat Openshift Ai
 

Affected Versions

ChromaDB: Red Hat Enterprise Linux AI (RHEL AI) 3: Red Hat OpenShift AI (RHOAI):

Exploit Probability

EPSS
0.45%
Percentile
35.57%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.