Vulnerability in Apache Software Foundation Airflow

CVE-2026-30912

In case of SQL errors, exception/stack trace of errors was exposed in API even if "api/expose_stack_traces" was set to false. That could lead to exposing additional information to potential attacker. Users are recommended to upgrade to Apa…

EPSS: 0.001 (26.4th percentile) — read the EPSS interpretation.

Affected products

Apache Software Foundation Airflow — versions 0

Weakness classification (CWE)

CWE-668 — Exposure of Resource to Wrong Sphere

References

github.com/apache/airflow/pull/63028 (patch)
lists.apache.org/thread/tp6kz1hnfb3zsrrtg19myo8x5x80w8r9 (vendor-advisory)