Product
CVE-2026-24516 is a command injection vulnerability in DigitalOcean Droplet Agent through 1.3.2, allowing attackers to execute arbitrary OS commands with root privileges by manipulating metadata responses due to insufficient input validation in the troubleshooting actioner component.