CVE-2026-45831
Status: Analyzed - Analysis Complete

Cross-Tenant Permission Bypass in ChromaDB

Vulnerability report for CVE-2026-45831, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-12

Last updated on: 2026-06-16

Assigner: HiddenLayer

Description

The SimpleRBACAuthorizationProvider authorization provider in versions 0.5.0 or later of the ChromaDB Python project evaluates whether a user holds a given permission but never checks which tenant, database, or collection that permission applies to, allowing users to perform cross-tenant actions.

Meta Information

Published: 2026-06-12
Last Modified: 2026-06-16
Generated: 2026-07-02
AI Q&A: 2026-06-12
EPSS Evaluated: 2026-07-01

Affected Vendors & Products

1 associated CPE

Vendor: trychroma
Product: chromadb
Version / Range: from 0.5.0 (inclusive) to 1.5.9 (inclusive)

Exploitability

CWE-863: The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

Compliance Impact

The vulnerability in the SimpleRBACAuthorizationProvider allows users to perform cross-tenant actions because the provider never checks which tenant, database, or collection a permission applies to. This could lead to unauthorized access to data across tenants.

Such unauthorized cross-tenant access may result in violations of data protection regulations like GDPR and HIPAA, which require strict access controls and data segregation to protect personal and sensitive information.

Executive Summary

This vulnerability exists in the SimpleRBACAuthorizationProvider component of the ChromaDB Python project, starting from version 0.5.0. The issue is that while the provider checks if a user has a certain permission, it does not verify the context of that permission, such as which tenant, database, or collection it applies to. As a result, users can perform actions across different tenants, bypassing intended access restrictions.

Impact Analysis

Because the authorization provider does not restrict permissions to specific tenants, databases, or collections, an attacker or unauthorized user who holds a given permission in one tenant could perform the same action on resources in other tenants that they should not have access to. This can lead to unauthorized data access, data leakage, or manipulation across tenant boundaries, potentially compromising data confidentiality and integrity.
