Apache Airflow

19 CVEs affecting Apache Airflow. Latest disclosed: 2026-06-01. Critical: 1, High: 5.

Top CVEs affecting Apache Airflow
| CVE | Severity | Score | Published | Summary |
| --- | --- | --- | --- | --- |
| CVE-2026-42252 | Critical | 9.1 | 2026-06-01 | Apache Airflow's official documentation at `core-concepts/dag-run.html` ("Passing Parameters when triggering Dags") showed a verbatim `BashOperator(bash_comman… |
| CVE-2026-49298 | High | 8.8 | 2026-06-01 | A bug in Apache Airflow's KubernetesExecutor caused JWT tokens used by worker pods to authenticate against the Execution API to be passed to the worker contain… |
| CVE-2026-42359 | High | 8.8 | 2026-06-01 | A bug in Apache Airflow's XCom PATCH endpoint `PATCH /api/v2/xcomEntries/{key}` allowed an authenticated UI/API user with XCom write permission on a Dag to set… |
| CVE-2026-41084 | High | 7.5 | 2026-06-01 | A bug in Apache Airflow's bulk Task Instances API (`PATCH/DELETE /api/v2/dags/{dag_id}/dagRuns/{dag_run_id}/taskInstances`) evaluated authorization against the… |
| CVE-2026-45360 | High | 7.3 | 2026-06-01 | Apache Airflow's scheduler-side deadline-reference decoder (`SerializedCustomReference.deserialize_reference`) imported and dispatched arbitrary class paths dr… |
| CVE-2026-40961 | High | 7.2 | 2026-06-01 | A bug in the login redirect route in Apache Airflow allowed authenticated users to craft URLs that bypassed the `is_safe_url` check, enabling redirection from… |
| CVE-2026-48726 | Medium | 6.5 | 2026-06-01 | A bug in Apache Airflow's auth manager logout handling left previously-issued JWT tokens valid after the user clicked logout in the UI: the logout flow for `Fa… |
| CVE-2026-42360 | Medium | 6.5 | 2026-06-01 | A bug in Apache Airflow's rendered-template field handling caused nested sensitive-key masking (e.g. nested `password` / `token` / `secret` / `api_key` keys in… |
| CVE-2026-42358 | Medium | 6.5 | 2026-06-01 | A bug in Apache Airflow's Variable response masker caused nested-key redaction (triggered by secret-suffixed key names like `password`, `token`, `secret`, `api… |
| CVE-2026-40861 | Medium | 6.5 | 2026-06-01 | A Dag author could either (a) create a symlink under their task's log directory pointing to an arbitrary file readable by the API server process (read-path att… |
| CVE-2026-45192 | Medium | 6.5 | 2026-06-01 | A bug in the GET `/api/v2/connections/{connection_id}` REST API endpoint in Apache Airflow allowed an authenticated UI/API user with Connection-read permission… |
| CVE-2026-49267 | Medium | 5.9 | 2026-06-01 | Apache Airflow's EmailOperator and the underlying `airflow.utils.email` helpers established SMTP STARTTLS connections without verifying the remote certificate… |
| CVE-2026-41017 | Medium | 5.9 | 2026-06-01 | Apache Airflow's `JWTRefreshMiddleware` set the JWT auth cookie without the `Secure` flag, so deployments running the Airflow API server behind an HTTPS-termin… |
| CVE-2026-41016 | Medium | 5.9 | 2026-04-30 | Apache Airflow's SMTP provider `SmtpHook` called Python's `smtplib.SMTP.starttls()` without an SSL context, so no certificate validation was performed on the T… |
| CVE-2026-46764 | Medium | 4.3 | 2026-06-01 | The Event Log detail endpoint `GET /api/v2/eventLogs/{event_log_id}` in Apache Airflow fetched audit-log rows directly by numeric ID after only the generic Aud… |
| CVE-2026-41014 | Medium | 4.3 | 2026-06-01 | The partitioned_dag_runs endpoints in the Airflow UI enforced only asset-level access control, not per-Dag authorization. An authenticated UI/API user with glo… |
| CVE-2026-45426 | Low | 3.1 | 2026-06-01 | Exploitation requires the attacker to already be an authenticated Airflow worker holding a valid Log-server JWT issued for at least one Dag. Apache Airflow's L… |
| CVE-2026-40963 | Low | 3.1 | 2026-06-01 | The structure_data endpoint in the Airflow UI returned external dependency graph nodes for linked Dags without checking whether the caller had read permission… |
| CVE-2019-12398 | | | 2020-01-14 | In Apache Airflow before 1.10.5 when running with the "classic" UI, a malicious admin user could edit the state of objects in the Airflow metadata database to… |