Tag
An unpatched pre-authentication remote code execution (RCE) vulnerability, tracked as CVE-2026-45829 and referred to as ChromaToast, in ChromaDB versions 1.0.0 and later allows remote, unauthenticated attackers to execute arbitrary code and leak sensitive information, potentially leading to a server takeover.