Known Vulnerabilities for products from Trychroma
Listed below are 4 of the newest known vulnerabilities associated with the vendor "Trychroma".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-45833 json | A code injection vulnerability in version 0.4.17 or later of the ChromaDB Python project allows an authenticated attacker to ... | Not Provided | 2026-06-12 | 2026-06-30 |
| CVE-2026-45832 json | All V1 collection-level endpoints in ChromaDB's Python project pass None for the tenant and database to the authorization lay... | Not Provided | 2026-06-12 | 2026-06-30 |
| CVE-2026-45831 json | The SimpleRBACAuthorizationProvider authorization provider in versions 0.5.0 or later of the ChromaDB Python project evaluate... | Not Provided | 2026-06-12 | 2026-06-16 |
| CVE-2026-45830 json | A lack of authorization validation in version 0.4.17 or later of the ChromaDB Python project allows any authenticated users t... | Not Provided | 2026-06-12 | 2026-06-30 |