CVE-2026-49818
The CVE concerns Apache Airflow Samba provider’s GCSToSambaOperator, which concatenates GCS object names to the SMB destination path without proper containment checks. This allows objects with ../ segments to traverse outside destination_path, enabling an unauthenticated-like attacker able to wri...