CVE-2026-25219

The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidentaly logged to logs, those values could be seen in the logs. Azure...

BIT-AIRFLOW-2026-25219 Apache Airflow: Sensitive Azure Service Bus connection string (and possibly other providers) exposed to users with view access

The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidentaly logged to logs, those values could be seen in the logs. Azure...

GHSA-4G48-54Q2-FG7Q Apache Airlfow: Sensitive Azure Service Bus connection string (and possibly other providers) exposed to users with view access

The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidently logged to logs, those values could be seen in the logs. Azure...

EUVD-2026-22921

The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidentaly logged to logs, those values could be seen in the logs. Azure...

Apache Airlfow: Sensitive Azure Service Bus connection string (and possibly other providers) exposed to users with view access

The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidently logged to logs, those values could be seen in the logs. Azure...

CVE-2026-25219

The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidentaly logged to logs, those values could be seen in the logs. Azure...

CVE-2026-25219

CVE-2026-25219 affects Apache Airflow. The vulnerability arises because the access_key and connection_string fields were not marked as sensitive in secrets masker, enabling users with read access to view these values in the UI and potentially in logs. The documented remediation is to upgrade Airf...

CVE-2026-25219

The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidentaly logged to logs, those values could be seen in the logs. Azure...

CVE-2026-25219 Apache Airflow: Sensitive Azure Service Bus connection string (and possibly other providers) exposed to users with view access

The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidentaly logged to logs, those values could be seen in the logs. Azure...

CVE-2026-25219 Apache Airflow: Sensitive Azure Service Bus connection string (and possibly other providers) exposed to users with view access

The accesskey and connectionstring connection properties were not marked as sensitive names in secrets masker. This means that user with read permission could see the values in Connection UI, as well as when Connection was accidentaly logged to logs, those values could be seen in the logs. Azure...

PT-2026-33058

Name of the Vulnerable Software and Affected Versions Airflow versions prior to 3.1.8 Description The secrets masker failed to mark the access key and connection string connection properties as sensitive. This allows users with read permissions to view these values in the Connection UI...

Malicious code in azure-service-bus-emulator-node-sample (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 871b655dee4c193ddb7e1b7be9e6a50920aa93049ffc2e663d74a7a5cc79ebff The OpenSSF Package Analysis project identified 'azure-service-bus-emulator-node-sample' @ 10.0.1 npm as malicious. It is considered malicious...

CobaltBus - Cobalt Strike External C2 Integration With Azure Servicebus, C2 Traffic Via Azure Servicebus

Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus Setup 1. Create an Azure Service Bus 2. Create a Shared access policy Connection string that can only Send and Listen 3. Edit the static connectionString variable in Beacon C projects to match the "Primar...