Skip to main content

Daytona CVE-2026-54320

| EUVDEUVD-2026-38566 HIGH
Improper Authentication (CWE-287)
2026-06-23 GitHub_M
8.4
CVSS 3.1 · Vendor: GitHub_M
Share

Severity by source

Vendor (GitHub_M) PRIMARY
8.4 HIGH
AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
vuln.today AI
8.9 HIGH

Network-reachable invitation endpoint; PR:N because attacker registers a fresh account (no pre-existing privilege); AC:H due to required IdP misconfiguration and knowledge of invited email; scope changes to target org.

3.1 AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L
4.0 AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L

Primary rating from Vendor (GitHub_M).

CVSS VectorVendor: GitHub_M

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
Low

Lifecycle Timeline

2
Patch available
Jun 23, 2026 - 20:01 EUVD
Analysis Generated
Jun 23, 2026 - 19:20 vuln.today

DescriptionCVE.org

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.184.0, organization invitations could be accepted (and declined) by a user whose email matched the invitation but had not been verified. Daytona authenticates users via OIDC and matches an invitation's target email against the email in the caller's token, but the invitation accept and decline paths did not require that email to be verified, unlike organization creation, which already enforced verification. On identity providers that allow self-service signup and issue a session before the email is verified, an actor could register an address matching a pending invitation, leave it unverified, and accept the invitation, joining the target organization with the role the invitation carried (up to Owner). This vulnerability is fixed in 0.184.0.

AnalysisAI

Authentication bypass in Daytona prior to 0.184.0 allows attackers to join organizations via pending invitations using unverified email addresses. The invitation accept and decline paths failed to enforce email verification (unlike organization creation), so on OIDC identity providers permitting self-service signup with pre-verification sessions, an attacker registering an email matching a pending invite can claim it and inherit the assigned role - up to Owner. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Identify pending invitation email
Delivery
Register matching account at OIDC IdP
Exploit
Skip email verification
Execution
Obtain OIDC session token
Persist
Call invitation accept endpoint
Impact
Inherit invited role in target organization

Vulnerability AssessmentAI

Exploitation Exploitation requires three concrete conditions: (1) a pending Daytona organization invitation must exist for an email address the attacker can register at the configured OIDC identity provider; (2) that IdP must permit self-service signup AND issue a valid session before email verification (Auth0, Keycloak, and similar with default signup flows commonly do); (3) the attacker must know or guess the invited email address. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 8.4 (AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L) reflects scope change and high impact, tempered by AC:H - the attacker must know (or guess/enumerate) a pending invitation's target email, and the IdP must permit signup without pre-verification. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker learns that alice@victim-corp.com has a pending Daytona Owner invitation (via leaked Slack, email, or enumeration of common admin addresses). They register a new account at the OIDC IdP using that exact email, skip the verification step, log into Daytona with the resulting session, and click 'Accept' on the invitation - joining the victim organization as Owner with full control over workspaces and code-execution sandboxes.
Remediation Vendor-released patch: upgrade to Daytona 0.184.0 or later, which adds the missing email-verified check to the invitation accept and decline paths; see https://github.com/daytonaio/daytona/security/advisories/GHSA-m6hx-cffh-3f3h. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Disable organization invitations or immediately audit and revoke all pending invitations; disable OIDC self-service signup at your identity provider. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-54320 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy