Lucene search
K

4 matches found

CVE
CVE
added 2026/06/23 6:10 p.m.14 views

CVE-2026-54321

CVE-2026-54321 (Daytona) : Sandboxes that were switched from public to private could remain reachable without authentication for a short period due to a cached visibility state not invalidated on change. This affected Daytona versions 0.101.0 through 0.184.0 and allowed unauthenticated access to ...

7CVSS6.3AI score0.00249EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/23 6:10 p.m.48 views

CVE-2026-54321 Daytona: Public sandbox previews remain accessible for up to one hour after being made private

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. From 0.101.0 until 0.184.0, sandbox previews that were switched from public to private could remain reachable without authentication for a short period after the change, due to a cached...

7CVSS0.00249EPSS
Exploits0References1
OSV
OSV
added 2026/06/16 9:5 p.m.6 views

GHSA-WW63-PV5X-VFC8 Daytona: Public sandbox previews remain accessible for up to one hour after being made private

Summary Sandbox previews that were switched from public to private could remain reachable without authentication for a short period after the change, due to a cached visibility state that was not invalidated when the sandbox's visibility changed. Impact When a sandbox owner changed a preview from...

7CVSS5.8AI score0.00249EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/16 9:5 p.m.10 views

Daytona: Public sandbox previews remain accessible for up to one hour after being made private

Summary Sandbox previews that were switched from public to private could remain reachable without authentication for a short period after the change, due to a cached visibility state that was not invalidated when the sandbox's visibility changed. Impact When a sandbox owner changed a preview from...

7CVSS5.8AI score0.00249EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder