33 matches found
CVE-2026-49298
A bug in Apache Airflow's KubernetesExecutor caused JWT tokens used by worker pods to authenticate against the Execution API to be passed to the worker container as command-line arguments visible in the pod spec. An authenticated UI/API user with Kubernetes read-only access to the cluster e.g...
CVE-2026-49298 Apache Airflow: JWT Token Exposure in KubernetesExecutor Command-Line Arguments
A bug in Apache Airflow's KubernetesExecutor caused JWT tokens used by worker pods to authenticate against the Execution API to be passed to the worker container as command-line arguments visible in the pod spec. An authenticated UI/API user with Kubernetes read-only access to the cluster e.g...
CVE-2026-49298
Summary: CVE-2026-49298 affects Apache Airflow when using the KubernetesExecutor. JWT tokens used by worker pods to authenticate to the Execution API are exposed as command-line arguments in the pod spec, enabling a user with Kubernetes read-only access (pods/get) to harvest a token and perform s...
PT-2026-45384
A bug in Apache Airflow's KubernetesExecutor caused JWT tokens used by worker pods to authenticate against the Execution API to be passed to the worker container as command-line arguments visible in the pod spec. An authenticated UI/API user with Kubernetes read-only access to the cluster e.g...
PT-2026-40118
Cognee through v0.4.0 contains a critical remote code execution vulnerability in its notebook cell execution API endpoint. The endpoint is designed to execute arbitrary Python code provided by the user, but it does so using the unsafe exec function without any sandboxing, validation, or security...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization in the HITL endpoints of the Execution API. An attacker can gain unauthorized access to read, approve, or reject workflows belonging to other task instances by sending crafted requests as an authenticated user...
GHSA-8X34-9Q3V-H7G8 Apache Airflow: Execution API HITL Endpoints Missing Per-Task Authorization
Apache Airflow versions 3.1.0 through 3.1.7 contain a missing authorization vulnerability in the Execution API's Human-in-the-Loop (HITL) endpoints that allows any authenticated task instance to read, approve, or reject HITL workflows belonging to any other task instance. Users are recommended to upgrade to...
PYSEC-2026-17
Apache Airflow versions 3.1.0 through 3.1.7 contain a missing authorization vulnerability in the Execution API's Human-in-the-Loop (HITL) endpoints that allows any authenticated task instance to read, approve, or reject HITL workflows belonging to any other task instance. Users are recommended to upgrade to...
CVE-2026-30911 Apache Airflow: Execution API HITL Endpoints Missing Per-Task Authorization
Apache Airflow versions 3.1.0 through 3.1.7 contain a missing authorization vulnerability in the Execution API's Human-in-the-Loop (HITL) endpoints that allows any authenticated task instance to read, approve, or reject HITL workflows belonging to any other task instance. Users are recommended to upgrade to...
CVE-2026-30911
CVE-2026-30911 affects Apache Airflow versions 3.1.0–3.1.7, where the Execution API’s Human-in-the-Loop (HITL) endpoints lack proper authorization. This allows any authenticated task instance to read, approve, or reject HITL workflows belonging to other task instances. Root cause: missing access ...
EUVD-2021-19569
Malware in sbrugna...
PT-2025-30448 · Db-Gpt · Db-Gpt
Name of the Vulnerable Software and Affected Versions: DB-GPT version 0.7.0 Description: A file upload issue exists in the agent.hub.controller.refresh plugins component of DB-GPT. This allows remote attackers to execute arbitrary code by uploading a malicious plugin ZIP file to the...
CVE-2025-24922
A stack-based buffer overflow vulnerability exists in the securebioidentify functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted malicious cvobject can lead to arbitrary code execution. An attacker can issue an API call to...
CVE-2021-21413
isolated-vm is a library for nodejs which gives you access to v8's Isolate interface. Versions of isolated-vm before v4.0.0 have API pitfalls which may make it easy for implementers to expose supposed secure isolates to the permissions of the main nodejs isolate. Reference objects allow access to...
PT-2025-20074 · Lemesconsultoria · Lemesconsultoria Hcm Galera.App
Name of the Vulnerable Software and Affected Versions: lemesconsultoria HCM galera.app version 4.58.0 Description: The issue allows an attacker to execute arbitrary code via multiple API endpoints, including "/ted/solicitacao treinamento/", "/rh/metas/perspectiva estrategica/edicao/",...
CVE-2024-12215
CVE-2024-12215: Kedro 0.19.8. The pull_package() API path can execute the tarball's setup.py via project_wheel_metadata(), enabling remote code execution (RCE) by running arbitrary commands on the victim's machine. The vulnerability affects kedro-org/kedro and is documented with RCE impact and ...
PT-2025-12284 · Superagi · Superagi
Name of the Vulnerable Software and Affected Versions: SuperAGI affected versions not specified Description: SuperAGI is vulnerable to remote code execution. The agent template update API allows attackers to control certain parameters, which are then fed to the eval function without any...