Exploit for CVE-2026-45829

FULL-A...

1claw-crewai-tools (=0.1.0), 4dpocket (>=0.1.3 <=0.1.4) +1516 more potentially affected by CVE-2026-45829 via chromadb (>=1.0.0 <=1.5.9)

chromadb PYPI version =1.0.0, =0.1.3, =0.1.0, =0.1.0, =1.0.0, =0.2.0, =0.6.4, =0.0.4, =0.1.0, =1.0.1, =1.0.0, =1.0.29 and more Source cves: CVE-2026-45829 Source advisory: OSV:GHSA-F4J7-R4Q5-QW2C...

CVE-2026-45829

A flaw was found in the ChromaDB Python project. This pre-authentication code injection vulnerability allows an unauthenticated attacker to execute arbitrary code on the server. The attacker can achieve this by sending a malicious model repository to the...

01os (>=0.0.5 <=0.0.13), 1claw-crewai-tools (=0.1.0) +1779 more potentially affected by CVE-2026-45829 via chromadb (>=0.3.21 <=1.5.9)

chromadb PYPI version =0.3.21, =0.0.5, =0.1.3, =0.1.0, =0.1.0, =1.0.0, =0.2.0, =0.6.4, =0.0.4, =0.1.0, =1.0.1, =1.0.2 and more Source cves: CVE-2026-45829 Source advisory: SNYK:PYTHON-CHROMADB-16758047...

CVE-2026-45829

A pre-authentication, code injection vulnerability in version 1.0.0 or later of the ChromaDB Python project allows an unauthenticated attacker to run arbitrary code on the server by sending a malicious model repository and trustremotecode set to true in...