CVE-2026-54324
Daytona: Cross-tenant data leak in notification WebSocket gateway via unverified organizationId join
Description
### Summary

A cross-tenant authorization flaw in Daytona's notification WebSocket gateway allowed any authenticated user to subscribe to another organization's realtime notification channel and passively receive that organization's events.

### Impact

The notification gateway's JWT handshake joined a client-supplied organization identifier to the corresponding notification room without verifying that the authenticated user was a member of that organization. As a result, an authenticated user could receive another organization's realtime sandbox, snapshot, volume, and runner events, including data carried in those events.

This is a cross-tenant confidentiality break. It required a valid account and knowledge of the target organization id (a non-secret UUID); no elevated privileges were needed. The API-key authentication path was not affected.

The affected component is the Daytona API service (the `apps/api` NestJS application). It is distributed through Daytona's repository releases and container images for self-hosted deployments; it is not published as a Go or npm package, so the advisory will not surface through `go get` or npm dependency tooling.

### Affected Versions

>= 0.101.0, <= 0.184.0

### Patched Versions

0.185.0

### Credit

@vnth4nhnt from CyStack
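The flaw described above is a missing membership check between "token is valid" and "socket joins the organization's room". The following TypeScript model is an added example, not Daytona's code: it places the unverified join next to a membership-checked version and runs a constructed two-tenant scenario against each. The claim shape (`organizations` on the JWT), the room naming (`organization:<id>`), the in-memory `Rooms` class and the handler names are all assumptions made for the illustration.

```typescript
// Added example, not Daytona's code: a minimal model of a notification
// WebSocket gateway handshake, showing the unverified organizationId join
// next to a membership-checked version. Names and claim shapes are assumed.

type OrgId = string;

// Assumed shape of the already-verified JWT claims. The organization list
// must come from the server's own records, never from the client.
interface JwtClaims {
  sub: string;
  organizations: OrgId[];
}

// What the client sends alongside the token during the handshake.
interface HandshakeQuery {
  organizationId?: string;
}

// A connected socket with the rooms it joined and the events it received.
interface Client {
  id: string;
  rooms: Set<string>;
  received: string[];
}

// In-memory stand-in for the socket room registry.
class Rooms {
  private members = new Map<string, Set<Client>>();

  join(room: string, client: Client): void {
    let set = this.members.get(room);
    if (!set) {
      set = new Set<Client>();
      this.members.set(room, set);
    }
    set.add(client);
    client.rooms.add(room);
  }

  emit(room: string, event: string): void {
    const set = this.members.get(room);
    if (!set) return;
    set.forEach((client) => client.received.push(event));
  }
}

type ConnectionHandler = (
  rooms: Rooms,
  client: Client,
  claims: JwtClaims,
  query: HandshakeQuery,
) => boolean;

// Vulnerable pattern: the token is valid, but the organizationId that decides
// which room the socket joins is taken from the client and never checked
// against the user's memberships.
const handleConnectionVulnerable: ConnectionHandler = (rooms, client, _claims, query) => {
  const org = query.organizationId;
  if (!org) return false;
  rooms.join(`organization:${org}`, client);
  return true;
};

// Fixed pattern: the requested organization must be one the authenticated
// user belongs to; otherwise the join is refused and the socket receives nothing.
const handleConnectionFixed: ConnectionHandler = (rooms, client, claims, query) => {
  const org = query.organizationId;
  if (!org || !claims.organizations.includes(org)) return false;
  rooms.join(`organization:${org}`, client);
  return true;
};

// Constructed scenario: user-a belongs to org-a, user-b belongs to org-b,
// and user-b asks for org-a's room. Returns the events each client received
// after org-a emits one sandbox event.
function runScenario(handler: ConnectionHandler): { member: string[]; outsider: string[] } {
  const rooms = new Rooms();
  const member: Client = { id: 'c1', rooms: new Set<string>(), received: [] };
  const outsider: Client = { id: 'c2', rooms: new Set<string>(), received: [] };

  handler(rooms, member, { sub: 'user-a', organizations: ['org-a'] }, { organizationId: 'org-a' });
  handler(rooms, outsider, { sub: 'user-b', organizations: ['org-b'] }, { organizationId: 'org-a' });

  rooms.emit('organization:org-a', 'sandbox.created');
  return { member: member.received, outsider: outsider.received };
}
```

With the vulnerable handler, `runScenario` shows the outsider receiving `sandbox.created` alongside the legitimate member; with the fixed handler the outsider's list stays empty. The important design point is that the membership list consulted by the check is server-derived (here carried in the verified claims), so the client-supplied `organizationId` only selects among rooms the user is already entitled to.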
How to fix CVE-2026-54324
To remediate CVE-2026-54324, upgrade the affected package to a fixed version below.
- upgrade to 0.185.0 or later
Is CVE-2026-54324 being exploited?
No exploitation signal available. Neither CISA KEV nor a current EPSS score has been published for CVE-2026-54324.
Affected packages (1)
- Daytona: versions from 0 up to, but not including, 0.185.0
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM (6.5) | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |