CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

3.1CVSS5.8AI score0.00045EPSS

Apache Airflow security vulnerabilities

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. There is a security vulnerability in Apache Airflow. The...

CNNVD•added 5 days ago•5 views

Apache Airflow code vulnerabilities

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.2.2 contained code vulnerabilities. These vulnerabilities stemmed from the authentication...

9.1CVSS5.9AI score0.00039EPSS

Positive Technologies•added 5 days ago•8 views

PT-2026-45399

Name of the Vulnerable Software and Affected Versions Apache Fesod Incubating fesod-sheet versions prior to 2.0.2-incubating Description Server-Side Request Forgery SSRF in the UrlImageConverter component allows attackers to trigger outbound network requests to internal or restricted resources by...

5.3CVSS5.8AI score0.0013EPSS

Exploits0References9

OSV•added 5 days ago•5 views

OPENSUSE-SU-2026:10919-1 apache-sshd-2.18.0-1.1 on GA media

These are all security issues fixed in the apache-sshd-2.18.0-1.1 package on the GA media of openSUSE Tumbleweed...

7.1CVSS6.5AI score0.00095EPSS

9.1CVSS5.8AI score0.00051EPSS

Apache Airflow security vulnerabilities

CNNVD•added 5 days ago•5 views

Apache MINA SSHD security vulnerability

Apache MINA SSHD is a pure Java library from the Apache Foundation that supports the SSH protocol on both the client and server sides. Apache MINA SSHD has a security vulnerability caused by path traversal, which may allow authenticated users to access git repositories outside of the configured g...

7.1CVSS5.8AI score0.00095EPSS

Positive Technologies•added 5 days ago•8 views

PT-2026-45377

Name of the Vulnerable Software and Affected Versions Apache ActiveMQ versions prior to 5.19.7 Apache ActiveMQ versions 6.0.0 through 6.2.5 Description Incomplete authorization in the server allows authenticated connections to remove existing destinations when they possess the proper permissions...

4.3CVSS5.4AI score0.00058EPSS

Exploits0References5

7.5CVSS5.8AI score0.00061EPSS

Apache Airflow security vulnerabilities

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. However, Apache Airflow has security vulnerabilities. The...

8.8CVSS5.8AI score0.00053EPSS

Apache Airflow security vulnerabilities

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the use of...

5.3CVSS5.8AI score0.0013EPSS

Apache Fesod security vulnerabilities

Apache Fesod is a high-performance spreadsheet file reading and writing library developed by the Apache Foundation in the United States. Versions of Apache Fesod prior to 2.0.2-incubating contained security vulnerabilities. These vulnerabilities were caused by a request forgeing issue in the...

Exploits0References5

Positive Technologies•added 5 days ago•7 views

PT-2026-45379

Name of the Vulnerable Software and Affected Versions Apache Airflow versions prior to 3.2.2 Description A bug in the authentication manager logout handling allows previously issued JSON Web Tokens JWT to remain valid after a user logs out via the user interface. In deployments configured with...

6.5CVSS5.5AI score0.00039EPSS

Exploits0References7

7.2CVSS5.8AI score0.00085EPSS

Apache Airflow security vulnerabilities

Positive Technologies•added 5 days ago•9 views

PT-2026-45368

Apache Airflow's official documentation at core-concepts/dag-run.html "Passing Parameters when triggering Dags" showed a verbatim BashOperatorbash command="echo value: dag run.conf'conf1' " example without any quoting / sanitization warning. Dag authors who copied the pattern verbatim into...

9.1CVSS5.8AI score0.00051EPSS

Exploits0References6

7.3CVSS5.8AI score0.00065EPSS

Apache Airflow security vulnerabilities

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the...

6.5CVSS5.8AI score0.00037EPSS

Apache Airflow security vulnerabilities

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. Prior to Apache Airflow 3.2.2, there were security...