PatchSiren

CVE-2026-54323 daytonaio CVE debrief

CVE-2026-54323 is a MEDIUM severity vulnerability in Daytona, a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to version 0.185.0, the daemon's git clone implementation disabled TLS certificate verification. When a clone request carried Git credentials, the daemon sent the HTTP Basic Authorization header to the remote over a connection whose certificate was never validated, on both the go-git and native git CLI code paths. An attacker able to intercept clone traffic could present any TLS certificate, capture the Git credentials supplied for the clone, and serve tampered repository content into the sandbox. This vulnerability is fixed in version 0.185.0.

Vendor: daytonaio
Product: daytona
CVSS: MEDIUM 5.9
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-23
Original CVE updated: 2026-06-24
Advisory published: 2026-06-23
Advisory updated: 2026-06-24

Who should care

Anyone operating a Daytona daemon older than 0.185.0, and in particular anyone whose sandboxes clone private repositories over HTTPS with Git credentials (a token or password passed with the clone request). Those credentials were sent in an HTTP Basic Authorization header over a TLS connection whose certificate was never validated, so a party positioned between the daemon and the Git host could terminate the connection with its own certificate and read them. Upgrading to 0.185.0 or later closes the hole but does not undo a past exposure: credentials used for clones through an affected daemon should be treated as potentially disclosed and rotated, and repository content cloned during that period was not guaranteed to have come from the intended host.

Technical summary

The flaw is in the Daytona daemon's git clone implementation. Before 0.185.0 both code paths the daemon uses, the go-git library and the native git CLI, were configured to skip TLS certificate verification. Without verification the client accepts whatever certificate the peer presents, so a TLS session to an impersonator is indistinguishable from one to the real Git host. Two consequences follow directly. First, when the clone request carried Git credentials, the daemon sent them as an HTTP Basic Authorization header (base64 of user:secret, trivially reversible by anyone who can read the plaintext) to whichever endpoint answered, so an interceptor presenting an arbitrary certificate obtained the credentials in the clear. Second, the same interceptor could answer the clone with arbitrary objects, so the code that ended up running inside the sandbox need not be the code in the intended repository. Version 0.185.0 re-enables certificate verification on both paths; a clone to an endpoint with an untrusted certificate now fails during the TLS handshake, before any credential is sent.
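To make the failure mode concrete, the following Go program is an added example written for this debrief; it is not Daytona's code and does not use go-git. It stands up a local TLS server with a self-signed certificate (standing in for the attacker's arbitrary certificate), then performs the first HTTPS request of a smart-HTTP clone carrying Basic credentials, once with verification disabled as the pre-0.185.0 daemon did, and once with verification enabled against a trust store that does not contain the attacker's certificate. The credentials and the request path are constructed for the example; NewInterceptor, CloneInfoRefs and DecodeBasic are names chosen here, not Daytona APIs.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"encoding/base64"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// Interceptor stands in for an attacker on the clone path. Its TLS
// certificate is httptest's self-signed one, i.e. a certificate no honest
// trust store accepts. It records the Authorization header of each request
// and answers with attacker-chosen bytes in place of the real repository.
type Interceptor struct {
	Server   *httptest.Server
	Captured string // last Authorization header seen, "" if none
}

// NewInterceptor starts the hostile TLS endpoint.
func NewInterceptor() *Interceptor {
	ic := &Interceptor{}
	ic.Server = httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		ic.Captured = r.Header.Get("Authorization")
		// Whatever is served here is what the "sandbox" would treat as
		// repository data (constructed smart-HTTP advertisement stub).
		fmt.Fprint(w, "001e# service=git-upload-pack\n0000")
	}))
	return ic
}

// CloneInfoRefs models the first HTTPS request of a smart-HTTP clone that
// carries Basic credentials. skipVerify=true reproduces the pre-0.185.0
// behaviour (the equivalent of go-git's InsecureSkipTLS or git's
// http.sslVerify=false). skipVerify=false verifies against an empty trust
// store, which stands in for a CA bundle that lacks the attacker's cert.
func CloneInfoRefs(remote, user, token string, skipVerify bool) error {
	cfg := &tls.Config{InsecureSkipVerify: skipVerify}
	if !skipVerify {
		cfg.RootCAs = x509.NewCertPool()
	}
	client := &http.Client{Transport: &http.Transport{TLSClientConfig: cfg}}
	req, err := http.NewRequest(http.MethodGet, remote+"/info/refs?service=git-upload-pack", nil)
	if err != nil {
		return err
	}
	req.SetBasicAuth(user, token) // Authorization: Basic base64(user:token)
	resp, err := client.Do(req)   // with verification on, fails in the handshake
	if err != nil {
		return err
	}
	defer resp.Body.Close()
	return nil
}

// DecodeBasic recovers user and secret from a captured Basic header,
// which is all an interceptor has to do once it holds the plaintext.
func DecodeBasic(header string) (user, secret string, ok bool) {
	const prefix = "Basic "
	if !strings.HasPrefix(header, prefix) {
		return "", "", false
	}
	raw, err := base64.StdEncoding.DecodeString(strings.TrimPrefix(header, prefix))
	if err != nil {
		return "", "", false
	}
	user, secret, ok = strings.Cut(string(raw), ":")
	return
}

func main() {
	ic := NewInterceptor()
	defer ic.Server.Close()
	// Constructed sample credentials, not real ones.
	const user, token = "ci-bot", "glpat-CONSTRUCTED-EXAMPLE"

	err := CloneInfoRefs(ic.Server.URL, user, token, true)
	u, s, _ := DecodeBasic(ic.Captured)
	fmt.Printf("verification off: err=%v, attacker sees user=%q secret=%q\n", err, u, s)

	ic.Captured = ""
	err = CloneInfoRefs(ic.Server.URL, user, token, false)
	fmt.Printf("verification on:  err=%v, captured=%q\n", err, ic.Captured)
}
```

With verification off the interceptor receives the full Basic header and decodes the token; with verification on the handshake is rejected and the handler never runs, so nothing is captured. The empty trust store is a deliberate simplification: a real client would use the system or pinned CA bundle, and the attacker's self-signed certificate would fail against that just the same.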

Defensive priority

CVSS 5.9, MEDIUM. The score reflects that exploitation needs an attacker who can intercept the daemon's clone traffic; it needs no access to Daytona itself. Treat it as higher priority where daemons clone over networks you do not fully control (shared cloud networks, outbound proxies, unpinned internet egress), where clone credentials are long-lived personal access tokens, or where sandbox output feeds back into builds or deployments, since a tampered clone then becomes a supply-chain entry point. Upgrade to 0.185.0 or later first; credential rotation and review of clone-derived artifacts follow.

Recommended defensive actions

  • Upgrade every Daytona daemon to version 0.185.0 or later. The fix is in the daemon itself; no client-side setting restores verification on an affected build.
  • After upgrading, confirm that nothing in the sandbox image or environment disables verification again on the native git path (for example http.sslVerify=false in a git config or the GIT_SSL_NO_VERIFY variable), so the daemon's fix is not undone by configuration.
  • Rotate Git credentials that were supplied to clone requests through an affected daemon, and prefer short-lived, narrowly scoped tokens over passwords or broad personal access tokens for future clones.
  • Check the Git host's audit logs for use of those credentials from unexpected sources, and treat code cloned into sandboxes during the exposure window as unverified until it is compared against the intended repository.
  • Review clone workflows so that credentials are only ever sent over verified TLS, and keep clone traffic off networks you do not control where possible.

Evidence notes

The record is tracked as CVE-2026-54323 in the National Vulnerability Database (NVD) and carries a CVSS base score of 5.9 (MEDIUM). The affected product is daytonaio/daytona; versions prior to 0.185.0 are affected and 0.185.0 is the fixed release. The stored evidence does not list the entry in the CISA Known Exploited Vulnerabilities catalog.

Official resources

This article is AI-assisted and based on the supplied source corpus.