| ID | CVE-2026-45832 | ||||||
| Sažetak | All V1 collection-level endpoints in ChromaDB's Python project pass None for the tenant and database to the authorization layer, allowing attackers to bypass authorization controls by using the V1 endpoints. | ||||||
| Reference | |||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | None | ||||||
| Zadnje važnije ažuriranje | 12-06-2026 - 16:23 | ||||||
| Objavljeno | 12-06-2026 - 16:16 |
