CVE-2026-24516 | DigitalOcean Droplet Agent up to 1.3.2 Metadata Service Endpoint actioner.go command injection

Inserito da Angelo Barbosa | Mar 23, 2026 | CVE

A vulnerability marked as critical has been reported in DigitalOcean Droplet Agent up to 1.3.2. The affected element is an unknown function of the file internal/troubleshooting/actioner/actioner.go of the component Metadata Service Endpoint. Performing a manipulation results in command injection.

This vulnerability is known as CVE-2026-24516. Remote exploitation of the attack is possible. No exploit is available.

CVE-2026-24516 | DigitalOcean Droplet Agent up to 1.3.2 Metadata Service Endpoint actioner.go command injection

Post correlati

CVE-2024-30329 | Foxit PDF Reader Annotation use after free

CVE-2024-45496 | Red Hat OpenShift Controller Manager insecure inherited permissions

CVE-2025-6374 | D-Link DIR-619L 2.06B01 /goform/formSetACLFilter curTime stack-based overflow

CVE-2025-9408 | zephyrproject-rtos Zephyr up to 4.2 System Call privilege context switching error