ChromaDB Python: Code Injection via trust_remote_code in Collection Update API (CVE-2026-45833)
critical-cve-against-dependency · active
A code injection flaw in ChromaDB (Python) version 0.4.17 and later lets an authenticated attacker who holds the UPDATE_COLLECTION permission run arbitrary code on the server. The collection update API accepts a caller-chosen model repository together with trust_remote_code set to true, and that flag instructs the model loader to execute Python code shipped inside the repository itself, so an attacker only has to point the collection at a repository they control. The issue is rated critical because it yields remote code execution in the server process, with whatever privileges that process has.
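The check a deployment would want in front of this API is a default-deny gate on the embedding settings a collection update may carry. The block below is an added example written for this page, not ChromaDB's own code: the request-body field names (`embedding_function`, `model_name`, `trust_remote_code`, `revision`), the allowlist and the sample requests are all assumptions made for illustration. It refuses any update that enables trust_remote_code, names a repository outside a reviewed allowlist, or fails to pin the repository to a full commit hash (so a repository that was reviewed cannot later be changed underneath the allowlist).

```python
"""Server-side gate for collection-update requests (added example, not ChromaDB code).

All field names and the allowlist below are assumptions for illustration.
"""
import re
from dataclasses import dataclass

# Hypothetical allowlist of model repositories an operator has reviewed.
DEFAULT_ALLOWED_REPOS = frozenset({"sentence-transformers/all-MiniLM-L6-v2"})

# Hugging Face commit hashes are 40 lowercase hex characters.
_COMMIT_HASH = re.compile(r"[0-9a-f]{40}")


@dataclass(frozen=True)
class Rejection:
    field: str
    reason: str


def _is_truthy(value) -> bool:
    """Treat the spellings a JSON or form body might carry as 'enabled'."""
    if isinstance(value, bool):
        return value
    if isinstance(value, str):
        return value.strip().lower() in {"1", "true", "yes", "on"}
    return bool(value)


def validate_embedding_config(config: dict, allowed_repos=DEFAULT_ALLOWED_REPOS) -> list:
    """Return every reason the embedding settings must be refused (empty list = accept)."""
    problems = []

    # Never let a collection turn on remote code: with the flag set, the loader
    # runs Python shipped inside the model repository in this process.
    if _is_truthy(config.get("trust_remote_code", False)):
        problems.append(Rejection(
            "trust_remote_code",
            "must not be enabled; it executes the repository's own Python on the server",
        ))

    # Only reviewed repositories are acceptable, regardless of the flag.
    repo = config.get("model_name")
    if not isinstance(repo, str) or not repo:
        problems.append(Rejection("model_name", "missing"))
    elif repo not in allowed_repos:
        problems.append(Rejection("model_name", f"{repo!r} is not on the reviewed allowlist"))

    # A reviewed repository is only reviewed at one revision; require a full commit pin.
    revision = config.get("revision")
    if not isinstance(revision, str) or not _COMMIT_HASH.fullmatch(revision):
        problems.append(Rejection("revision", "must pin a full 40-character commit hash"))

    return problems


def accept_collection_update(request_body: dict, allowed_repos=DEFAULT_ALLOWED_REPOS) -> bool:
    """Decide, before UPDATE_COLLECTION is honoured, whether the request may proceed.

    An update that leaves the embedding function untouched is allowed; one that
    supplies embedding settings is allowed only if every check passes.
    """
    ef = request_body.get("embedding_function")
    if ef is None:
        return True
    if not isinstance(ef, dict):
        return False
    return not validate_embedding_config(ef, allowed_repos)


if __name__ == "__main__":
    # Constructed sample requests; the shape is assumed, not Chroma's real wire format.
    benign = {"name": "docs", "embedding_function": {
        "model_name": "sentence-transformers/all-MiniLM-L6-v2",
        "revision": "a" * 40,
    }}
    hostile = {"name": "docs", "embedding_function": {
        "model_name": "attacker/evil-model",
        "trust_remote_code": "true",
    }}
    for label, body in ("benign", benign), ("hostile", hostile):
        print(label, "accepted" if accept_collection_update(body) else "rejected",
              validate_embedding_config(body["embedding_function"]))
```

The gate is independent of who is calling: an account that legitimately holds UPDATE_COLLECTION is still refused when the settings it submits would load code, which is the property the advisory's permission model alone does not give you.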
Affected packages
- pypi: chromadb