{"api_version":"1","generated_at":"2026-06-24T10:34:41+00:00","cve":"CVE-2026-54324","urls":{"html":"https://cve.report/CVE-2026-54324","api":"https://cve.report/api/cve/CVE-2026-54324.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-54324","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-54324"},"summary":{"title":"Daytona: Cross-tenant data leak in notification WebSocket gateway via unverified organizationId join","description":"Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.185.0, a cross-tenant authorization flaw in Daytona's notification WebSocket gateway allowed any authenticated user to subscribe to another organization's realtime notification channel and passively receive that organization's events. This vulnerability is fixed in 0.185.0.","state":"PUBLISHED","assigner":"GitHub_M","published_at":"2026-06-23 18:18:09","updated_at":"2026-06-23 19:35:45"},"problem_types":["CWE-639","CWE-863","CWE-639 CWE-639: Authorization Bypass Through User-Controlled Key","CWE-863 CWE-863: Incorrect Authorization"],"metrics":[{"version":"3.1","source":"security-advisories@github.com","type":"Secondary","score":"6.5","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"}},{"version":"3.1","source":"CNA","type":"DECLARED","score":"6.5","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":6.5,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","version":"3.1"}}],"references":[{"url":"https://github.com/daytonaio/daytona/security/advisories/GHSA-qwxf-2m7m-2m3x","name":"https://github.com/daytonaio/daytona/security/advisories/GHSA-qwxf-2m7m-2m3x","refsource":"security-advisories@github.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-54324","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-54324","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"daytonaio","product":"daytona","version":"affected < 0.185.0","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"product":"daytona","vendor":"daytonaio","versions":[{"status":"affected","version":"< 0.185.0"}]}],"descriptions":[{"lang":"en","value":"Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.185.0, a cross-tenant authorization flaw in Daytona's notification WebSocket gateway allowed any authenticated user to subscribe to another organization's realtime notification channel and passively receive that organization's events. This vulnerability is fixed in 0.185.0."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":6.5,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-639","description":"CWE-639: Authorization Bypass Through User-Controlled Key","lang":"en","type":"CWE"}]},{"descriptions":[{"cweId":"CWE-863","description":"CWE-863: Incorrect Authorization","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-06-23T18:07:23.745Z","orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M"},"references":[{"name":"https://github.com/daytonaio/daytona/security/advisories/GHSA-qwxf-2m7m-2m3x","tags":["x_refsource_CONFIRM"],"url":"https://github.com/daytonaio/daytona/security/advisories/GHSA-qwxf-2m7m-2m3x"}],"source":{"advisory":"GHSA-qwxf-2m7m-2m3x","discovery":"UNKNOWN"},"title":"Daytona: Cross-tenant data leak in notification WebSocket gateway via unverified organizationId join"}},"cveMetadata":{"assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","assignerShortName":"GitHub_M","cveId":"CVE-2026-54324","datePublished":"2026-06-23T18:07:23.745Z","dateReserved":"2026-06-12T18:42:02.223Z","dateUpdated":"2026-06-23T18:07:23.745Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-06-23 18:18:09","lastModifiedDate":"2026-06-23 19:35:45","problem_types":["CWE-639","CWE-863","CWE-639 CWE-639: Authorization Bypass Through User-Controlled Key","CWE-863 CWE-863: Incorrect Authorization"],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"54324","Ordinal":"1","Title":"Daytona: Cross-tenant data leak in notification WebSocket gatewa","CVE":"CVE-2026-54324","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"54324","Ordinal":"1","NoteData":"Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.185.0, a cross-tenant authorization flaw in Daytona's notification WebSocket gateway allowed any authenticated user to subscribe to another organization's realtime notification channel and passively receive that organization's events. This vulnerability is fixed in 0.185.0.","Type":"Description","Title":"Daytona: Cross-tenant data leak in notification WebSocket gatewa"}]}}}