143 matches found
CVE-2025-54941
The CVE-2025-54941 issue affects Apache Airflow, specifically the example_dag_decorator parameter handling. A non-validated parameter in the example DAG allowed a UI user to redirect to a malicious server and execute code on a worker, but exploitation requires that example DAGs are enabled in pro...
CVE-2026-30911
Summary (CVE-2026-30911) Apache Airflow versions 3.1.0–3.1.7 have a missing authorization vulnerability in the Execution API’s Human-in-the-Loop (HITL) endpoints. The issue permits any authenticated task instance to read, approve, or reject HITL workflows belonging to other task instances, effect...
CVE-2026-32690
CVE-2026-32690 affects Apache Airflow 3.x before 3.2.0. The issue is that secrets stored in Variables as JSON dictionaries were not properly redacted; nested secret fields could be exposed when variables are retrieved. Affected patterns involve storing sensitive values in JSON form, and the root ...
CVE-2025-57735
CVE-2025-57735 affects Airflow where a JWT token used to authenticate a user was not invalidated at logout. The provided sources indicate that Airflow 3.2 introduced a logout token-invalidation mechanism, and upgrading to Airflow 3.2.0 or newer fixes the issue. The CVSS vector in the initial desc...
CVE-2025-65995
Airflow CVE-2025-65995 affects the UI error-reporting path: if a DAG fails during parsing, full operator kwargs (potentially containing secrets) could be exposed in tracebacks to users with DAG viewing permissions. Affected products are Apache Airflow; root cause is leakage of sensitive values vi...
CVE-2025-54831
Apache Airflow 3.x (notably 3.0.3) exposes sensitive connection details to users with READ permissions via API/UI, bypassing AIRFLOW__CORE__HIDE_SENSITIVE_VAR_CONN_FIELDS. Affected: Airflow 3.0.3; mitigation is upgrading to 3.0.4 or newer. This issue does not affect Airflow 2.x, where the behavio...
CVE-2026-45426
CVE-2026-45426 describes an authenticated Airflow worker with a valid Log-server JWT for at least one Dag who can abuse Python str.lstrip() in the JWT sub verification to access logs of other Dags. The left-stripping behavior treats a set of characters as deletable, not a prefix, enabling cross-D...
CVE-2026-41017
CVE-2026-41017 affects Apache Airflow where JWTRefreshMiddleware sets the JWT cookie without the Secure flag. This impacts deployments exposing the Airflow API server behind TLS-terminating proxies (e.g., nginx, Envoy, or managed load balancers) and may allow a network-positioned attacker to capt...
CVE-2026-25219
CVE-2026-25219 affects Apache Airflow. The vulnerability arises because the access_key and connection_string fields were not marked as sensitive in secrets masker, enabling users with read access to view these values in the UI and potentially in logs. The documented remediation is to upgrade Airf...
CVE-2026-45192
CVE-2026-45192 concerns Apache Airflow where a bug in GET /api/v2/connections/{connection_id} allowed an authenticated UI/API user with Connection-read permission to access secrets stored in a Connection's extra JSON blob that are not included in the redaction allowlist (DEFAULT_SENSITIVE_FIELDS)...
CVE-2026-46764
The CVE-2026-46764 affects Apache Airflow’s Event Log APIs: the detail endpoint GET /api/v2/eventLogs/{event_log_id} returns audit-log rows by numeric ID after only a generic Audit Log permission check, while GET /api/v2/eventLogs applies per-Dag scoping. An authenticated user with audit-log read...
CVE-2026-49298
Summary: CVE-2026-49298 affects Apache Airflow when using the KubernetesExecutor. JWT tokens used by worker pods to authenticate to the Execution API are exposed as command-line arguments in the pod spec, enabling a user with Kubernetes read-only access (pods/get) to harvest a token and perform s...
CVE-2026-22922
CVE-2026-22922 affects Apache Airflow versions 3.1.0–3.1.6, where an authorization flaw could allow an authenticated user with custom permissions limited to task access to view task logs without task-log access. The issue has been fixed in Airflow 3.1.7 and later. Practical impact is limited to l...
CVE-2026-28563
CVE-2026-28563 affects Apache Airflow, versions 3.1.0–3.1.7. The /ui/dependencies endpoint returns the full DAG dependency graph without filtering by authorized DAG IDs, allowing an authenticated user with only the DAG Dependencies permission to enumerate DAGs they are not authorized to view. Roo...
CVE-2026-41014
Apache Airflow vulnerability CVE-2026-41014 affects the partitioned_dag_runs endpoints in the UI. The issue arises from enforcing only asset-level access control, enabling an authenticated UI/API user with global Asset:read permission to enumerate partition run state, schedule configuration, and ...
CVE-2026-49267
Apache Airflow is affected where EmailOperator and airflow.utils.email establish SMTP STARTTLS without remote-certificate verification when smtp_starttls=True and smtp_ssl=False, enabling a network MITM to capture SMTP AUTH credentials and message contents. The issue is the core Airflow side, rel...
CVE-2026-48726
CVE-2026-48726 describes a bug in Apache Airflow where the logout flow for FabAuthManager and KeycloakAuthManager does not reach revoke_token(), leaving previously issued JWTs valid until expiry. This creates a residual gap after CVE-2025-57735 where cookie-side invalidation was addressed but pro...
CVE-2026-42360
Apache Airflow CVE-2026-42360 describes a vulnerability in the rendered-template field handling where nested sensitive-keys (password/token/secret/api_key) could be exposed if the rendered field exceeded max_templated_field_length. The bug occurs because the structure is stringified before redact...
CVE-2026-38743
The CVE-2026-38743 issue affects Apache Airflow’s authenticated /ui/dags endpoint, where per-DAG access control was not enforced for embedded HITL prompts and TaskInstance records. A user with read access to any DAG could access HITL prompts (including request parameters) and full TaskInstance de...
CVE-2026-40963
The CVE-2026-40963 issue affects the Apache Airflow UI’s /ui/structure/structure_data endpoint. It allows an authenticated user with access to one Dag to enumerate dependency graph nodes and related metadata for other Dags for which they lack read permissions, leaking topology across teams when p...
CVE-2026-40861
CVE-2026-40861 affects Apache Airflow, specifically the FileTaskHandler used for task logs. A Dag author can cause log path resolution to escape the configured base_log_folder via two patterns: (a) creating a symlink in the task log directory to an arbitrary file readable by the API server (read-...
CVE-2026-40961
CVE-2026-40961 — Apache Airflow Open Redirect Bypass . A bug in the login redirect route allows authenticated users to craft URLs that bypass the is_safe_url check, enabling redirection from a trusted Airflow domain to an attacker-controlled origin. This affects the login flow and can lead to cre...
CVE-2026-41084
CVE-2026-41084: Apache Airflow bug in the bulk Task Instances API (PATCH/DELETE /api/v2/dags/{dag_id}/dagRuns/{dag_run_id}/taskInstances) evaluated authorization from the URL dag_id while operating on dag_id/dag_run_id from the request body. An authenticated user with edit permission on one Dag c...
CVE-2025-62503
CVE-2025-62503 – Apache Airflow: Privilege boundary bypass in bulk APIs allows a user with CREATE (but not UPDATE) for Pools, Connections, and Variables to update existing records via the bulk create API with an overwrite action. Multiple sources (BIT-AIRFLOW-2025-62503, EUVD, Red Hat/CISA refere...
CVE-2026-30912
CVE-2026-30912 concerns Apache Airflow where SQL errors expose exception and stack trace information in the API despite the setting api/expose_stack_traces being disabled. This behavior can leak sensitive information to an attacker. The connected sources consistently indicate the issue affects Ai...
CVE-2026-31987
Apache Airflow CVE-2026-31987 involves JWT tokens used by tasks being exposed in logs, potentially allowing UI users to act as Dag Authors. Connected sources consistently identify the issue as a log exposure of JWT tokens and advise upgrading to a fixed Airflow release (version 3.2.0 or newer). T...
CVE-2026-32228
CVE-2026-32228 affects Apache Airflow. A UI/API user with asset materialize permission could trigger DAGs to which they have no access. The public description consistently notes that upgrading to Airflow v3.2.0 fixes the issue. No exploitation status or in-the-wild details are provided in the sup...
CVE-2026-42358
Summary (CVE-2026-42358): In Apache Airflow, the Variable response masker can bypass nested-key redaction when JSON values are deeply nested. Keys ending with secret-like suffixes (password, token, secret, api_key) could have their plaintext values exposed if nesting depth exceeds the masker's re...
CVE-2025-54550
Summary (CVE-2025-54550) : The issue concerns the example_xcom in Airflow documentation that reads from XComs using an unsafe pattern. The root cause is a vulnerable read pattern that could allow a UI user with XCom modification access to cause arbitrary code execution on the worker. The document...
CVE-2026-42359
CVE-2026-42359 (Apache Airflow) : A bug in the XCom PATCH endpoint (PATCH /api/v2/xcomEntries/{key}) allows an authenticated UI/API user with XCom write permission on a DAG to set XCom entries under reserved keys (e.g., return_value) that bypass a prior validation on the POST path. The endpoint c...
CVE-2025-66388
CVE-2025-66388 affects Apache Airflow where an authenticated UI user could view secret values in rendered templates because secrets were not properly redacted. This information disclosure vulnerability enables access to sensitive data without additional authorization. Public sources in connected ...
CVE-2026-28779
Apache Airflow 3.1.0–3.1.7 exposes a session-token cookie path (/), ignoring configured webserver/api base_url. This enables co-hosted applications on the same domain to capture tokens and take over sessions without exploiting Airflow itself. Public descriptions consistently recommend upgrading t...
CVE-2026-26929
CVE-2026-26929 affects Apache Airflow versions 3.0.0–3.1.7 where the FastAPI DagVersion listing API does not apply per-DAG authorization filtering when dag_id is “~” (wildcard). This allows a requester to retrieve version metadata for DAGs they are not authorized to access. The public advisories ...
CVE-2026-40690
CVE-2026-40690 affects the asset dependency graph in Apache Airflow. The issue: the graph view did not enforce DAG read permissions , allowing a user with access to at least one DAG to discover the existence and names of other DAGs and assets across the deployment. Root cause per sources: lack of...
CVE-2026-41016
CVE-2026-41016 affects Apache Airflow’s SMTP provider SmtpHook. The SMTP workflow calls smtplib.SMTP.starttls() without supplying an SSL context, so TLS upgrades do not validate certificates. This enables a man-in-the-middle between the Airflow worker and the SMTP server to present a self-signed ...
CVE-2025-27555
CVE-2025-27555 concerns Apache Airflow prior to 2.11.1 where authenticated users with audit log access can see sensitive connection parameters logged by the system when set via the airflow CLI. The underlying issue is that these sensitive values were stored unencrypted in the Airflow database and...
CVE-2026-24098
CVE-2026-24098 affects Apache Airflow versions before 3.1.7. Authenticated UI users with permission to one or more Dags can view import errors generated by other Dags they should not access. The issue is remedied by upgrading to Airflow 3.1.7 or later; no further exploit details are provided in t...
CVE-2026-48828
The CVE-2026-48828 issue affects Apache Airflow’s Bulk Variables API: the redactor was invoked without passing the variable key, so the key-based should_hide_value_for_key check (triggered by secret-suffixed keys like *_password, *_token, *_secret) could not redact JSON-typed variable values. An ...
CVE-2026-49296
CVE-2026-49296 (Apache Airflow) : Affected versions before 3.3.0 expose the full source of co-located DAGs when reading a single DAG via GET /api/v2/dagSources/{dag_id} or the UI view, bypassing per-DAG read controls. This can disclose multiple DAG sources from the same file to authorized readers...
CVE-2026-34538
Apache Airflow CVE-2026-34538 affects 3.0.0–3.1.8 where the DagRun wait endpoint exposes XCom payloads to users with only DAG Run read access (e.g., Viewer), bypassing FAB RBAC protections. Root cause: authorization flaw in the DagRun wait path that reveals XCom results to unauthorized users. Imp...
CVE-2026-48891
A vulnerability in Apache Airflow affects the UI at /ui/dependencies where the scheduling graph endpoint applies the caller’s readable-Dag filter to the top-level Dag key but still exposes Dag IDs in dep.source and dep.target for trigger/sensor entries. An authenticated UI user with read access t...
CVE-2026-48892
CVE-2026-48892 : Apache Airflow's Config API leaks per-key secrets-backend overrides via environment variables (e.g., AIRFLOW__SECRETS__BACKEND_KWARG__SECRET_ID, AIRFLOW__WORKERS__SECRETS_BACKEND_KWARG__SECRET_ID) that are not in sensitive_config_values, allowing an authenticated UI/API user with...
CVE-2026-49487
Apache Airflow prior to 3.3.0 exposes secrets in clear text via the REST API. Specifically, the task-instance detail and list endpoints leak a deferred task’s trigger kwargs, so if a deferred operator passes a secret (e.g., a provider API key) into its trigger, any authenticated user with DAG-sco...