Vulnerability in Apache Software Foundation Airflow Provider For Databricks
CVE-2026-32794
Improper Certificate Validation vulnerability in Apache Airflow Provider for Databricks. The provider code did not validate certificates for connections to the Databricks back-end, which could result in a man-in-the-middle attack in which traffic is inte…
Vulnerability class: Improper Certificate Validation
EPSS: 0.000 (7.2th percentile)
Affected products
- Apache Software Foundation Airflow Provider For Databricks — versions 1.10.0
References
- github.com/apache/airflow/pull/63704 (patch)
- lists.apache.org/thread/hn17yqsgsdtl81llvhf80rkp53hnz5nb (vendor-advisory)
Frequently asked questions
- What is CVE-2026-32794?
  CVE-2026-32794 is a vulnerability in Apache Software Foundation Airflow Provider For Databricks, classified under Improper Certificate Validation. Published 2026-03-30.
- Is CVE-2026-32794 known to be exploited?
  1 public proof-of-concept repository is indexed. It is not currently listed in the CISA KEV catalog.