CyberRota
← Ana sayfaya dön

CVE-2026-45830

HIGH · CVSS 8.8 EPSS %0.29

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-12T16:16:28.660 · Çekilme zamanı: 2026-06-30T12:18:17.562848+00:00

CyberRota Yorumu

Saldırganın giriş yapmış olması gerekebilir.

CVE
CVE-2026-45830
Severity
HIGH
CVSS
8.8
EPSS
%0.29

Orijinal NVD Açıklaması

A lack of authorization validation in version 0.4.17 or later of the ChromaDB Python project allows any authenticated users to arbitrarily read, write, update, or delete data in any tenant's collection regardless of which tenant they belong to.