2 matches found
CVE-2026-49267
Apache Airflow is affected where EmailOperator and airflow.utils.email establish SMTP STARTTLS without remote-certificate verification when smtp_starttls=True and smtp_ssl=False, enabling a network MITM to capture SMTP AUTH credentials and message contents. The issue is the core Airflow side, rel...
CVE-2026-49267
creationtimestamp| type| source ---|---|--- 2026-05-31 12:43:41+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mn5lqqqiav2d...