Critical ChromaDB Flaw Exposes AI Vector Databases to Remote Code Execution

ChromaDB's FastAPI server has an authentication-ordering flaw (CVE-2026-45829, 'ChromaToast') that processes client-supplied embedding configuration and loads HuggingFace models before enforcing authentication; with trust_remote_code enabled an attacker can achieve unauthenticated remote code execution on versions 1.0.0–1.5.8. The report documents a demonstration, indicates widespread exposure (~73% of internet-facing instances scanned), outlines severe impacts (process takeover, secret/data access, lateral movement), and recommends mitigations such as using the Rust deployment, restricting network exposure, and avoiding external model references.