Home

Description

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.186, a sandbox volume reference (volumeId, which may also be a volume name) was forwarded to the runner and used to build the host bind-mount source path without confinement. A reference containing path-traversal sequences could in principle resolve the mount source outside the intended per-volume base directory. This vulnerability is fixed in 0.186.

PUBLISHED Reserved 2026-06-12 | Published 2026-06-23 | Updated 2026-06-24 | Assigner GitHub_M




MEDIUM: 4.2CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

Problem types

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-250: Execution with Unnecessary Privileges

CWE-269: Improper Privilege Management

Product status

< 0.186
affected

References

github.com/...aytona/security/advisories/GHSA-fjv8-j4p5-cr9m

cve.org (CVE-2026-54319)

nvd.nist.gov (CVE-2026-54319)

Download JSON