Lucene search
K

7 matches found

NVD
NVD
added 10 hours ago4 views

CVE-2026-48892

The Config API in Apache Airflow surfaced per-key secrets-backend overrides environment variables like AIRFLOWSECRETSBACKENDKWARGSECRETID and AIRFLOWWORKERSSECRETSBACKENDKWARGSECRETID as synthetic config options whose option names were not in sensitiveconfigvalues, so the masker did not redact...

6.5CVSS
Exploits0References3
CVE
CVE
added 11 hours ago4 views

CVE-2026-48892

CVE-2026-48892 : Apache Airflow's Config API leaks per-key secrets-backend overrides via environment variables (e.g., AIRFLOW__SECRETS__BACKEND_KWARG__SECRET_ID, AIRFLOW__WORKERS__SECRETS_BACKEND_KWARG__SECRET_ID) that are not in sensitive_config_values, allowing an authenticated UI/API user with...

6.5CVSS6AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 11 hours ago4 views

CVE-2026-48892

The Config API in Apache Airflow surfaced per-key secrets-backend overrides environment variables like AIRFLOWSECRETSBACKENDKWARGSECRETID and AIRFLOWWORKERSSECRETSBACKENDKWARGSECRETID as synthetic config options whose option names were not in sensitiveconfigvalues, so the masker did not redact...

6.5CVSS6AI score
Exploits0References3
Cvelist
Cvelist
added 11 hours ago7 views

CVE-2026-48892 Apache Airflow: Config API leaks per-key secrets backend kwargs - masker bypass on synthetic options

The Config API in Apache Airflow surfaced per-key secrets-backend overrides environment variables like AIRFLOWSECRETSBACKENDKWARGSECRETID and AIRFLOWWORKERSSECRETSBACKENDKWARGSECRETID as synthetic config options whose option names were not in sensitiveconfigvalues, so the masker did not redact...

Exploits0References2
vulnersOsv
vulnersOsv
added 2025/08/14 6:52 p.m.7 views

sr-npm (=1.7.308) potentially affected by unknown CVE via wix-secrets-backend (=0.0.1-security)

wix-secrets-backend NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on wix-secrets-backend and may be impacted: - sr-npm =1.7.308 Source cves: unknown CVE Source advisory: OSV:MAL-2025-39369...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in wix-secrets-backend (npm)

The package wix-secrets-backend was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.4 views

MAL-2025-39369 Malicious code in wix-secrets-backend (npm)

The package wix-secrets-backend was found to contain malicious code...

7.2AI score
Exploits0
Rows per page
Query Builder