Lucene search
K

29 matches found

Cvelist
Cvelist
added last week37 views

CVE-2026-33264 Apache Airflow: DAG author RCE on webserver via unrestricted import_string() in BaseSerialization.deserialize()

A bug in BaseSerialization.deserialize allowed unrestricted importstring of attacker-controlled class paths when the Scheduler / API Server loaded a serialized DAG: a DAG author could embed a malicious trigger into a DAG to gain remote code execution on the API Server / Scheduler process, crossin...

0.01649EPSS
Exploits0References3
OSV
OSV
added last week2 views

CVE-2026-33264 Apache Airflow: DAG author RCE on webserver via unrestricted import_string() in BaseSerialization.deserialize()

A bug in BaseSerialization.deserialize allowed unrestricted importstring of attacker-controlled class paths when the Scheduler / API Server loaded a serialized DAG: a DAG author could embed a malicious trigger into a DAG to gain remote code execution on the API Server / Scheduler process, crossin...

9.8CVSS6.7AI score0.01649EPSS
Exploits0References7
PyPA
PyPA
added 2026/06/01 9:16 a.m.13 views

PYSEC-2026-186

Apache Airflow's scheduler-side deadline-reference decoder SerializedCustomReference.deserializereference imported and dispatched arbitrary class paths drawn from DAG-author-controlled serialized state without an allowlist or plugin-registry gate. A DAG author whose code reaches the scheduler — t...

7.3CVSS6AI score0.00651EPSS
Exploits0References4Affected Software1
PyPA
PyPA
added 2026/06/01 9:16 a.m.12 views

PYSEC-0000-CVE-2026-45360

Apache Airflow's scheduler-side deadline-reference decoder SerializedCustomReference.deserializereference imported and dispatched arbitrary class paths drawn from DAG-author-controlled serialized state without an allowlist or plugin-registry gate. A DAG author whose code reaches the scheduler — t...

7.3CVSS6AI score0.00651EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/06/01 9:16 a.m.25 views

PYSEC-2026-181

A Dag author could either a create a symlink under their task's log directory pointing to an arbitrary file readable by the API server process read-path attack — e.g. /etc/passwd or airflow.cfg or b supply a taskid containing .. sequences accepted by the Task SDK's KEYREGEX write-path attack, and...

6.5CVSS5.9AI score0.00665EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/01 7:48 a.m.10 views

CVE-2026-45360 Apache Airflow: Arbitrary import in custom deadline-reference deserialization

Apache Airflow's scheduler-side deadline-reference decoder SerializedCustomReference.deserializereference imported and dispatched arbitrary class paths drawn from DAG-author-controlled serialized state without an allowlist or plugin-registry gate. A DAG author whose code reaches the scheduler — t...

6AI score0.00651EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/01 7:48 a.m.13 views

EUVD-2026-33587

Apache Airflow's scheduler-side deadline-reference decoder SerializedCustomReference.deserializereference imported and dispatched arbitrary class paths drawn from DAG-author-controlled serialized state without an allowlist or plugin-registry gate. A DAG author whose code reaches the scheduler — t...

6AI score0.00651EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.21 views

PT-2026-45374

Name of the Vulnerable Software and Affected Versions Apache Airflow versions prior to 3.2.2 Description The scheduler-side deadline-reference decoder SerializedCustomReference.deserialize reference imports and dispatches arbitrary class paths from serialized state controlled by a DAG author...

7.3CVSS5.8AI score0.00651EPSS
Exploits0References7
Snyk
Snyk
added 2026/04/18 9:30 a.m.4 views

Deserialization of Untrusted Data

Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to improper XCom value handling. An attacker that is a Dag Author who normally should not be able to execute code in the webserver context can execute arbitrary code by crafting malicious XCom...

7.2CVSS6.1AI score0.00822EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/10 2:9 p.m.3 views

CVE-2025-69219

A user with access to the DB could craft a database entry that would result in executing code on Triggerer - which gives anyone who have access to DB the same permissions as Dag Author. Since direct DB access is not usual and recommended for Airflow, the likelihood of it making any damage is low...

8.8CVSS5.9AI score0.00695EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/09 12:31 p.m.5 views

EUVD-2025-208402

A user with access to the DB could craft a database entry that would result in executing code on Triggerer - which gives anyone who have access to DB the same permissions as Dag Author. Since direct DB access is not usual and recommended for Airflow, the likelihood of it making any damage is low...

8.8CVSS5.9AI score0.00695EPSS
Exploits1References4
EUVD
EUVD
added 2026/03/09 12:31 p.m.5 views

EUVD-2025-208401

A user with access to the DB could craft a database entry that would result in executing code on Triggerer - which gives anyone who have access to DB the same permissions as Dag Author. Since direct DB access is not usual and recommended for Airflow, the likelihood of it making any damage is low...

8.8CVSS5.9AI score0.00695EPSS
Exploits1References4
NVD
NVD
added 2026/03/09 11:16 a.m.6 views

CVE-2025-69219

A user with access to the DB could craft a database entry that would result in executing code on Triggerer - which gives anyone who have access to DB the same permissions as Dag Author. Since direct DB access is not usual and recommended for Airflow, the likelihood of it making any damage is low...

8.8CVSS0.00695EPSS
Exploits1References3
OSV
OSV
added 2026/03/09 10:19 a.m.5 views

CVE-2025-69219 Apache Airflow Providers Http: Unsafe Pickle Deserialization in apache-airflow-providers-http leading to RCE via HttpOperator

A user with access to the DB could craft a database entry that would result in executing code on Triggerer - which gives anyone who have access to DB the same permissions as Dag Author. Since direct DB access is not usual and recommended for Airflow, the likelihood of it making any damage is low...

8.8CVSS7.3AI score0.00695EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/03/09 12:0 a.m.9 views

Apache Airflow 安全漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. There is a security vulnerability in Apache Airflow, whic...

8.8CVSS5.9AI score0.00695EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/02/25 10:16 a.m.6 views

CVE-2024-56373

DAG Author who already has quite a lot of permissions could manipulate database of Airflow 2 in the way to execute arbitrary code in the web-server context, which they should normally not be able to do, leading to potentially remote code execution in the context of web-server server-side as a...

8.4CVSS6.7AI score0.01134EPSS
Exploits0References1
NVD
NVD
added 2026/02/24 10:16 a.m.22 views

CVE-2024-56373

DAG Author who already has quite a lot of permissions could manipulate database of Airflow 2 in the way to execute arbitrary code in the web-server context, which they should normally not be able to do, leading to potentially remote code execution in the context of web-server server-side as a...

8.4CVSS0.01134EPSS
Exploits0References3
EUVD
EUVD
added 2026/02/24 10:6 a.m.9 views

EUVD-2024-55432

DAG Author who already has quite a lot of permissions could manipulate database of Airflow 2 in the way to execute arbitrary code in the web-server context, which they should normally not be able to do, leading to potentially remote code execution in the context of web-server server-side as a...

8.4CVSS6.7AI score0.01134EPSS
Exploits0References2
CVE
CVE
added 2026/02/24 10:6 a.m.48 views

CVE-2024-56373

Summary of CVE-2024-56373 : Apache Airflow 2.x contains a vulnerability in the log template history mechanism that can allow a user (DAG Author) with existing permissions to manipulate the Airflow database and execute arbitrary code in the web-server context, leading to potential remote code exec...

8.4CVSS6.7AI score0.01134EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/02/24 10:6 a.m.3 views

CVE-2024-56373 Apache Airflow: SSTI to Code Execution in Airflow through Shared DB Information

DAG Author who already has quite a lot of permissions could manipulate database of Airflow 2 in the way to execute arbitrary code in the web-server context, which they should normally not be able to do, leading to potentially remote code execution in the context of web-server server-side as a...

8.4CVSS6.8AI score0.01134EPSS
Exploits0References6
Rows per page
Query Builder