Lucene search
K

5 matches found

CVE
CVE
added 2026/06/12 2:50 p.m.15 views

CVE-2026-8828

CVE-2026-8828 describes a lack of authorization validation in ChromaDB Rust (version 1.0.0 and later) that allows any authenticated user to arbitrarily read, write, update, or delete data in any tenant’s collection, regardless of tenant ownership. The core issue is insufficient access control in ...

8.8CVSS5.3AI score0.00279EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/12 2:50 p.m.10 views

CVE-2026-8828

A lack of authorization validation in version 1.0.0 or later of the ChromaDB Rust project allows any authenticated users to arbitrarily read, write, update, or delete data in any tenant's collection regardless of which tenant they belong to...

8.8CVSS5.3AI score0.00279EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/12 2:50 p.m.27 views

CVE-2026-8828

A lack of authorization validation in version 1.0.0 or later of the ChromaDB Rust project allows any authenticated users to arbitrarily read, write, update, or delete data in any tenant's collection regardless of which tenant they belong to...

8.8CVSS0.00279EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 2:50 p.m.10 views

EUVD-2026-36464

A lack of authorization validation in version 1.0.0 or later of the ChromaDB Rust project allows any authenticated users to arbitrarily read, write, update, or delete data in any tenant's collection regardless of which tenant they belong to...

8.8CVSS5.2AI score0.00279EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.19 views

PT-2026-48919

A lack of authorization validation in version 1.0.0 or later of the ChromaDB Rust project allows any authenticated users to arbitrarily read, write, update, or delete data in any tenant's collection regardless of which tenant they belong to...

8.8CVSS5.2AI score0.00279EPSS
Exploits0References2
Rows per page
Query Builder