PatchSiren cyber security CVE debrief

CVE-2026-54320 daytonaio CVE debrief

CVE-2026-54320 is a HIGH-severity vulnerability in Daytona, a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to version 0.184.0, organization invitations could be accepted by users with matching but unverified emails. This issue arises because Daytona authenticates users via OIDC and checks the email in the caller's token against the invitation's target email, but does not require email verification for invitation acceptance or decline. On identity providers allowing self-service signup and issuing sessions before email verification, an attacker could exploit this by registering a matching unverified email address and accepting the invitation, potentially gaining up to Owner role access in the target organization. This vulnerability is fixed in version 0.184.0.

Vendor: daytonaio
Product: daytona
CVSS: HIGH 8.4
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-23
Original CVE updated: 2026-06-24
Advisory published: 2026-06-23
Advisory updated: 2026-06-24

Who should care

Organizations running Daytona for AI-generated code execution and agent workflows should care, especially if they have not upgraded to version 0.184.0 or later. Exposure is greatest where the OIDC identity provider in front of Daytona allows self-service signup and issues tokens before the email address is verified, since that is what lets an attacker present a matching but unverified address. Security teams and administrators responsible for organization invitations and role management in Daytona should prioritize patching and review who holds elevated roles today.

Technical summary

The vulnerability lies in Daytona's organization invitation handling, specifically in what it checks about the caller before letting them accept or decline an invitation. Daytona authenticates users via OIDC and compares the email in the caller's token with the invitation's target email. Prior to version 0.184.0 it did not also require that address to be verified (for example by consulting the OIDC email_verified claim), even though creating a new organization did require a verified email. On an identity provider that permits self-service signup and issues tokens before verification, an attacker who knows or guesses the invited address can register it, obtain a token whose email claim matches, and accept the invitation, receiving whatever role it grants, up to Owner. Because decline is gated the same way, the attacker could also decline the legitimate user's invitation. The legitimate invitee has no influence over this: the weakness is entirely in the acceptance check.
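The check described above, written out as an added example for this debrief. It is not Daytona's code and does not reproduce Daytona's internals; it models the behaviour the advisory describes (compare the token's email with the invitation's target email) beside a hardened version that also requires the OIDC email_verified claim. `sub`, `email` and `email_verified` are standard OIDC claims; the Invitation and Membership shapes, the role names and the require_verified switch are assumptions for illustration, and token signature validation is assumed to have happened upstream in the OIDC middleware.

```python
"""Invitation acceptance check, vulnerable vs hardened.

Added example for the CVE-2026-54320 debrief; not Daytona's code. The
Invitation/Membership shapes, role names and `require_verified` switch
are assumptions. Token signature validation is assumed to be done
upstream; `claims` is the already-validated ID token payload.
"""
from dataclasses import dataclass
from typing import Optional


@dataclass
class Invitation:
    id: str
    org_id: str
    email: str               # address the invitation was sent to
    role: str                # role granted on acceptance, e.g. "owner"
    status: str = "pending"  # pending | accepted | declined


@dataclass
class Membership:
    org_id: str
    subject: str             # OIDC `sub` of the member
    role: str


def _emails_match(a: str, b: str) -> bool:
    # Canonical comparison: case-insensitive, surrounding whitespace ignored.
    return a.strip().casefold() == b.strip().casefold()


def _authorize_invitee(claims: dict, inv: Invitation, require_verified: bool) -> None:
    """Raise PermissionError unless the token holder may act on `inv`.

    With require_verified=False this is the pre-0.184.0 behaviour the
    advisory describes: only the email *value* is compared. With
    require_verified=True the OIDC `email_verified` claim must be exactly
    True; a missing or non-boolean claim fails closed.
    """
    if inv.status != "pending":
        raise PermissionError("invitation is not pending")
    if require_verified and claims.get("email_verified") is not True:
        raise PermissionError("email in token is not verified")
    if not _emails_match(claims.get("email", ""), inv.email):
        raise PermissionError("token email does not match invitation")


def act_on_invitation(claims: dict, inv: Invitation, action: str,
                      require_verified: bool = True) -> Optional[Membership]:
    """Accept or decline `inv` on behalf of the token holder.

    Both actions share the same authorization: an unverified attacker could
    otherwise also *decline* the legitimate user's invitation.
    Returns the new Membership on accept, None on decline.
    """
    if action not in ("accept", "decline"):
        raise ValueError(f"unknown action {action!r}")
    _authorize_invitee(claims, inv, require_verified)
    if action == "decline":
        inv.status = "declined"
        return None
    inv.status = "accepted"
    return Membership(inv.org_id, claims["sub"], inv.role)


def scenario() -> dict:
    """Constructed walk-through of the advisory's preconditions.

    Alice is invited as Owner. The attacker self-registers Alice's address
    at an IdP that issues tokens before verification, so the attacker's
    token carries the matching email with email_verified=False.
    """
    attacker = {"sub": "idp|attacker", "email": "Alice@Example.com",
                "email_verified": False}
    alice = {"sub": "idp|alice", "email": "alice@example.com",
             "email_verified": True}
    out = {}

    # Vulnerable path: email matches, verification is never consulted -> Owner.
    inv = Invitation("inv-1", "org-1", "alice@example.com", "owner")
    out["vulnerable_attacker_role"] = act_on_invitation(
        attacker, inv, "accept", require_verified=False).role

    # Hardened path: the same token is refused and the invite stays pending.
    inv = Invitation("inv-2", "org-1", "alice@example.com", "owner")
    try:
        act_on_invitation(attacker, inv, "accept")
        out["hardened_attacker"] = "accepted"
    except PermissionError as e:
        out["hardened_attacker"] = str(e)
    out["hardened_invite_status"] = inv.status

    # The legitimate, verified invitee still succeeds on the hardened path.
    out["hardened_alice_role"] = act_on_invitation(alice, inv, "accept").role
    return out


if __name__ == "__main__":
    for key, value in scenario().items():
        print(f"{key}: {value}")
```

The order of checks in the hardened path matters only for what the caller learns: verification is checked before the address comparison so that an unverified caller cannot use the error message to confirm which address an invitation was sent to.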

Defensive priority

Upgrading to version 0.184.0 or later is the primary mitigation, since it moves the verification requirement into Daytona itself. As a second layer, configure the OIDC identity provider to require email verification before it issues a session or token, where the provider supports that; this closes the precondition the attack depends on regardless of which application consumes the token. Then review existing memberships and invitations for acceptances that may have happened while an address was unverified.

Recommended defensive actions

  • Upgrade Daytona to version 0.184.0 or later.
  • Where the OIDC identity provider supports it, require email verification before a session or token is issued, so that self-service signups cannot present a matching but unverified address to any application.
  • Audit current organization memberships, starting with Owner and other elevated roles, and check each member's email verification status at the identity provider; treat members whose address was verified only after their invitation was accepted, or never, as needing review.
  • Review pending, recently accepted and recently declined invitations for acceptance or decline by an account the invited person does not recognize.
  • Log and alert on invitation acceptance, invitation decline and role changes within Daytona.
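One way to carry out the audit in the list above, as an added example for this debrief rather than a Daytona tool: join organization memberships (who accepted which invitation, and when) with the identity provider's user records (is the address verified, and since when) and flag memberships that may have been created while the accepting account's address was unverified. The record layouts and the sample data are constructed for illustration; in practice memberships would come from Daytona's own data and the user records from the identity provider's admin API.

```python
"""Post-patch audit of memberships obtained through invitations.

Added example for the CVE-2026-54320 debrief; not a Daytona tool. Record
layouts, role names and all sample data are constructed assumptions.
"""
from datetime import datetime, timezone

ELEVATED_ROLES = {"owner", "admin"}   # assumption: roles to review first


def _ts(s: str) -> datetime:
    # ISO-8601 with offset -> aware UTC datetime, so comparisons are sound.
    return datetime.fromisoformat(s).astimezone(timezone.utc)


def find_suspect_memberships(memberships: list, idp_users: list) -> list:
    """Return findings, elevated roles first.

    A membership is suspect when the IdP record for the accepting subject
    is missing, still unverified, verified only after the acceptance time,
    or now carries a different address than the one that was invited.
    """
    by_sub = {u["sub"]: u for u in idp_users}
    findings = []
    for m in memberships:
        u = by_sub.get(m["subject"])
        reasons = []
        if u is None:
            reasons.append("no IdP record for subject")
        else:
            if not u.get("email_verified"):
                reasons.append("email still unverified")
            elif u.get("verified_at") and _ts(u["verified_at"]) > _ts(m["accepted_at"]):
                reasons.append("email verified only after invitation was accepted")
            if u["email"].casefold() != m["invited_email"].casefold():
                reasons.append("IdP email differs from invited address")
        if reasons:
            findings.append({
                "org_id": m["org_id"],
                "subject": m["subject"],
                "role": m["role"],
                "elevated": m["role"] in ELEVATED_ROLES,
                "reasons": reasons,
            })
    findings.sort(key=lambda f: (not f["elevated"], f["subject"]))
    return findings


# Constructed sample data: one clean Owner, one Owner whose IdP account is
# still unverified, one member verified only after accepting.
SAMPLE_MEMBERSHIPS = [
    {"org_id": "org-1", "subject": "idp|alice", "role": "owner",
     "invited_email": "alice@example.com", "accepted_at": "2026-06-20T09:00:00+00:00"},
    {"org_id": "org-1", "subject": "idp|u-7f3", "role": "owner",
     "invited_email": "bob@example.com", "accepted_at": "2026-06-21T10:00:00+00:00"},
    {"org_id": "org-1", "subject": "idp|carol", "role": "member",
     "invited_email": "carol@example.com", "accepted_at": "2026-06-22T08:00:00+00:00"},
]
SAMPLE_IDP_USERS = [
    {"sub": "idp|alice", "email": "alice@example.com", "email_verified": True,
     "verified_at": "2026-06-01T12:00:00+00:00"},
    {"sub": "idp|u-7f3", "email": "bob@example.com", "email_verified": False,
     "verified_at": None},
    {"sub": "idp|carol", "email": "carol@example.com", "email_verified": True,
     "verified_at": "2026-06-23T15:00:00+00:00"},
]

if __name__ == "__main__":
    for f in find_suspect_memberships(SAMPLE_MEMBERSHIPS, SAMPLE_IDP_USERS):
        flag = "ELEVATED" if f["elevated"] else "standard"
        print(f"{flag} {f['org_id']} {f['subject']} ({f['role']}): {'; '.join(f['reasons'])}")
```

The "verified only after acceptance" rule is the one that catches an attacker who verifies the mailbox later to blend in, or a legitimate user who verified late; both deserve a look, which is why the finding reports the reason rather than deciding for you.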

Evidence notes

The CVE-2026-54320 record and associated NVD details were referenced. The vulnerability is described as allowing unverified email users to accept organization invitations, with a CVSS score of 8.4 and HIGH severity. The fix is included in Daytona version 0.184.0.

Official resources

This article is AI-assisted and based on the supplied source corpus.