CVE-2026-49297
Apache Airflow Google provider contains a path traversal flaw in GCSToSFTPOperator and GCSTimeSpanFileTransformOperator: GCS object names from bucket listings are joined to a destination path without normalisation or containment checks. A user with write access to a source GCS bucket could create...