A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to run arbitrary code on exposed servers. [...]
Max-severity flaw in ChromaDB for AI apps allows server hijacking
Summary + source link. No paywalls, no tracking.