CVE-2026-45192

A bug in the GET /api/v2/connections/connectionid REST API endpoint in Apache Airflow allowed an authenticated UI/API user with Connection-read permission to retrieve secrets stored in a Connection's extra JSON blob under field names not present in the redaction allowlist DEFAULTSENSITIVEFIELDS —...

BIT-AIRFLOW-2026-42360 Apache Airflow: Rendered template truncation bypasses nested sensitive-key masking

A bug in Apache Airflow's rendered-template field handling caused nested sensitive-key masking e.g. nested password / token / secret / apikey keys inside a JSON template structure to be bypassed when the rendered field exceeded core maxtemplatedfieldlength: Airflow stringified the structure befor...

CVE-2026-41014

The partitioneddagruns endpoints in the Airflow UI enforced only asset-level access control, not per-Dag authorization. An authenticated UI/API user with global Asset:read permission could enumerate partition run state, schedule configuration, and asset wiring for Dags they were not authorized to...

abi-ds-utils (=1.0.1), acceldata-o2a (=1.0.0) +162 more potentially affected by CVE-2026-42360 via apache-airflow (>=1.8.2 <=3.2.1rc3)

apache-airflow PYPI version =1.8.2, =0.8.44.4, =1.4.0.3.post4, =1.4.0.3.post3, =0.1.0rc3, =0.1.0, =0.2.1, =0.2.9b1, =0.4.0, =0.1.0a1, =0.6.0, =1.6.0 and more Source cves: CVE-2026-42360 Source advisory: OSV:PYSEC-2026-172...

CVE-2026-45426

Exploitation requires the attacker to already be an authenticated Airflow worker holding a valid Log-server JWT issued for at least one Dag. Apache Airflow's Log server authorized JWT tokens against Dag IDs by applying Python's str.lstrip to the requested path segment when verifying the JWT's sub...

PYSEC-2026-174

Exploitation requires the attacker to already be an authenticated Airflow worker holding a valid Log-server JWT issued for at least one Dag. Apache Airflow's Log server authorized JWT tokens against Dag IDs by applying Python's str.lstrip to the requested path segment when verifying the JWT's sub...

airflow-balancer (>=0.7.0 <=0.7.6), airflow-clickhouse-plug (=1.6.2) +38 more potentially affected by CVE-2026-41017 via apache-airflow (>=3.0.0 <=3.2.1rc3)

apache-airflow PYPI version =3.0.0, =0.7.0, =1.5.0, =0.6.1, =1.10.7, =0.6.0, =0.1.0, =1.4.3, =1.2.10, =0.1.1, =3.0.0, =1.6.0, =1.5.3, =1.25.0, =3.12.0, =3.12.0rc1 and more Source cves: CVE-2026-41017 Source advisory: OSV:PYSEC-2026-171...

Sensitive Cookie in HTTPS Session Without "Secure" Attribute

Overview Affected versions of this package are vulnerable to Sensitive Cookie in HTTPS Session Without "Secure" Attribute due to the JWTRefreshMiddleware process setting the JWT authentication cookie without the Secure flag. An attacker can hijack user sessions by capturing the JWT cookie from an...

apache-airflow-core (>=3.2.0 <=3.2.1), apache-airflow-providers-google (=5.0.0) +10 more potentially affected by CVE-2026-41084 via apache-airflow (>=3.2.0 <=3.2.1rc3)

apache-airflow PYPI version =3.2.0, =3.2.0, =1.2.0, =13.0.2, =7.2.0, =1.18.3, =1.4.2, =2.1.1, =1.10.3, =1.41.2, =1.28.2, =5.6.2, =5.7.16rc1 Source cves: CVE-2026-41084 Source advisory: OSV:PYSEC-2026-183...

PYSEC-0000-CVE-2026-41014

The partitioneddagruns endpoints in the Airflow UI enforced only asset-level access control, not per-Dag authorization. An authenticated UI/API user with global Asset:read permission could enumerate partition run state, schedule configuration, and asset wiring for Dags they were not authorized to...

abi-ds-utils (=1.0.1), acceldata-o2a (=1.0.0) +162 more potentially affected by CVE-2026-40861 via apache-airflow (>=1.8.2 <=3.2.1rc3)

apache-airflow PYPI version =1.8.2, =0.8.44.4, =1.4.0.3.post4, =1.4.0.3.post3, =0.1.0rc3, =0.1.0, =0.2.1, =0.2.9b1, =0.4.0, =0.1.0a1, =0.6.0, =1.6.0 and more Source cves: CVE-2026-40861 Source advisory: OSV:PYSEC-2026-181...

PYSEC-0000-CVE-2026-45192

A bug in the GET /api/v2/connections/connectionid REST API endpoint in Apache Airflow allowed an authenticated UI/API user with Connection-read permission to retrieve secrets stored in a Connection's extra JSON blob under field names not present in the redaction allowlist DEFAULTSENSITIVEFIELDS —...

CVE-2026-45426

Exploitation requires the attacker to already be an authenticated Airflow worker holding a valid Log-server JWT issued for at least one Dag. Apache Airflow's Log server authorized JWT tokens against Dag IDs by applying Python's str.lstrip to the requested path segment when verifying the JWT's sub...

CVE-2026-46764

The CVE-2026-46764 affects Apache Airflow’s Event Log APIs: the detail endpoint GET /api/v2/eventLogs/{event_log_id} returns audit-log rows by numeric ID after only a generic Audit Log permission check, while GET /api/v2/eventLogs applies per-Dag scoping. An authenticated user with audit-log read...

PT-2026-45378

Name of the Vulnerable Software and Affected Versions Apache Airflow versions prior to 3.2.2 Description The Event Log detail endpoint "GET /api/v2/eventLogs/event log id" fetches audit-log rows directly by numeric ID after performing only a generic Audit Log permission check. This differs from t...

Apache Airflow 信任管理问题漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.2.2 contained a trust management vulnerability. This vulnerability stemmed from the...

Apache Airflow 安全漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. However, Apache Airflow has security vulnerabilities. The...

Apache Airflow 日志信息泄露漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. Prior to Apache Airflow 6.5.3, there was a vulnerability...

CVE-2026-32690 Apache Airflow: 3.x - Nested Variable Secret Values Bypass Redaction via max_depth=1

Secrets in Variables saved as JSON dictionaries were not properly redacted - in case thee variables were retrieved by the user the secrets stored as nested fields were not masked. If you do not store variables with sensitive values in JSON form, you are not affected. Otherwise please upgrade to...

Apache Airflow 安全漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. There is a security vulnerability in Apache Airflow. This...