CVE-2026-54324

MEDIUM 6.5

Daytona: Cross-tenant data leak in notification WebSocket gateway via unverified organizationId join

CVSS Score

6.5

EPSS Score

0.0%

EPSS Percentile

0th

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.185.0, a cross-tenant authorization flaw in Daytona's notification WebSocket gateway allowed any authenticated user to subscribe to another organization's realtime notification channel and passively receive that organization's events. This vulnerability is fixed in 0.185.0.

CWE	CWE-639 CWE-863
Vendor	daytonaio
Product	daytona
Published	Jun 23, 2026

Stay Ahead of the Next One

Get instant alerts for daytonaio daytona

Be the first to know when new medium vulnerabilities affecting daytonaio daytona are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Affected Versions

daytonaio / daytona

< 0.185.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/daytonaio/daytona/security/advisories/GHSA-qwxf-2m7m-2m3x