| CVE-2026-42252 | critical | 9.1 | 9.1 | 3d ago | Apache Airflow's official documentation at `core-concepts/dag-run.html` ("Passing Parameters when triggering Dags") showed a verbatim `BashOperator(bash_command="echo value: {{ dag_run.conf['conf1'] … |
| CVE-2026-42359 | high | 8.8 | 8.8 | 3d ago | A bug in Apache Airflow's XCom PATCH endpoint `PATCH /api/v2/xcomEntries/{key}` allowed an authenticated UI/API user with XCom write permission on a Dag to set XCom entries under reserved key names (… |
| CVE-2026-25917 | high | — | 8.0 | 2mo ago | Dag Authors, who normally should not be able to execute code in the webserver context, could craft an XCom payload causing the webserver to execute arbitrary code. Since Dag Authors are already highly tr… |
| CVE-2026-41084 | high | 7.5 | 7.5 | 3d ago | A bug in Apache Airflow's bulk Task Instances API (`PATCH/DELETE /api/v2/dags/{dag_id}/dagRuns/{dag_run_id}/taskInstances`) evaluated authorization against the `dag_id` resolved from the URL path whi… |
| CVE-2026-45360 | high | 7.3 | 7.3 | 3d ago | Apache Airflow's scheduler-side deadline-reference decoder (`SerializedCustomReference.deserialize_reference`) imported and dispatched arbitrary class paths drawn from DAG-author-controlled serialize… |
| CVE-2026-48726 | medium | 6.5 | 6.5 | 3d ago | A bug in Apache Airflow's auth manager logout handling left previously-issued JWT tokens valid after the user clicked logout in the UI: the logout flow for `FabAuthManager` and `KeycloakAuthManager` … |
| CVE-2026-42360 | medium | 6.5 | 6.5 | 3d ago | A bug in Apache Airflow's rendered-template field handling caused nested sensitive-key masking (e.g. nested `password` / `token` / `secret` / `api_key` keys inside a JSON template structure) to be by… |
| CVE-2026-40861 | medium | 6.5 | 6.5 | 3d ago | A Dag author could either (a) create a symlink under their task's log directory pointing to an arbitrary file readable by the API server process (read-path attack — e.g. `/etc/passwd` or `airflow.cfg… |
| CVE-2026-45192 | medium | 6.5 | 6.5 | 3d ago | A bug in the GET `/api/v2/connections/{connection_id}` REST API endpoint in Apache Airflow allowed an authenticated UI/API user with Connection-read permission to retrieve secrets stored in a Connect… |
| CVE-2026-41017 | medium | 5.9 | 5.9 | 3d ago | Apache Airflow's `JWTRefreshMiddleware` set the JWT auth cookie without the `Secure` flag, so deployments running the Airflow API server behind an HTTPS-terminating reverse proxy (e.g. nginx / Envoy … |
| CVE-2026-38743 | medium | — | 5.5 | 1mo ago | Apache Airflow's authenticated /ui/dags endpoint did not enforce per-DAG access control on embedded Human-in-the-Loop (HITL) and TaskInstance record |
| CVE-2026-40690 | medium | — | 5.5 | 1mo ago | Apache Airflow's asset dependency graph did not restrict nodes by the viewer's DAG read permissions |
| CVE-2026-41014 | medium | 4.3 | 4.3 | 3d ago | The partitioned_dag_runs endpoints in the Airflow UI enforced only asset-level access control, not per-Dag authorization. An authenticated UI/API user with global Asset:read permission could enumerat… |
| CVE-2026-45426 | low | 3.1 | 3.1 | 3d ago | Exploitation requires the attacker to already be an authenticated Airflow worker holding a valid Log-server JWT issued for at least one Dag. Apache Airflow's Log server authorized JWT tokens against … |
| CVE-2020-13927 | unknown | — | 2.5 | 5y ago | The previous default setting for Airflow's Experimental API was to allow all API requests without authentication. |
| CVE-2020-11978 | unknown | — | 2.5 | 6y ago | A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow. |
| CVE-2026-32690 | unknown | — | — | 2mo ago | Secrets in Variables saved as JSON dictionaries were not properly redacted: when these variables were retrieved by the user, the secrets stored as nested fields were not masked. If you do not stor… |
| CVE-2026-30912 | unknown | — | — | 2mo ago | In case of SQL errors, the exception/stack trace of the error was exposed in the API even if "api/expose_stack_traces" was set to false. That could expose additional information to a potential attacker.… |
| CVE-2026-31987 | unknown | — | — | 2mo ago | Apache Airflow: JWT token appearing in logs |
| CVE-2025-54550 | unknown | — | — | 2mo ago | Apache Airflow: RCE by race condition in example_xcom dag |
| CVE-2026-25219 | unknown | — | — | 2mo ago | Apache Airflow: Sensitive Azure Service Bus connection string (and possibly other providers) exposed to users with view access |
| CVE-2026-33858 | unknown | — | — | 2mo ago | Dag Authors, who normally should not be able to execute code in the webserver context, could craft an XCom payload causing the webserver to execute arbitrary code. Since Dag Authors are already highly tr… |
| CVE-2025-66236 | unknown | — | — | 2mo ago | Before Airflow 3.2.0, it was unclear that secure Airflow deployments require the Deployment Manager to take appropriate actions and pay attention to security details and security model of Airflow. So… |
| CVE-2025-57735 | unknown | — | — | 2mo ago | Apache Airflow: JWT token still valid after logout |
| CVE-2026-34538 | unknown | — | — | 2mo ago | Apache Airflow versions 3.0.0 through 3.1.8 DagRun wait endpoint returns XCom result values even to users who only have DAG Run read permissions, such as the Viewer role. This behavior conflicts with … |
| CVE-2026-32794 | unknown | — | — | 2mo ago | Apache Airflow Provider for Databricks: TLS Certificate Verification is Disabled in Databricks Provider K8s Token Exchange |
| CVE-2026-30911 | unknown | — | — | 3mo ago | Apache Airflow versions 3.1.0 through 3.1.7 missing authorization vulnerability in the Execution API's Human-in-the-Loop (HITL) endpoints that allows any authenticated task instance to read, approve,… |
| CVE-2026-28563 | unknown | — | — | 3mo ago | Apache Airflow versions 3.1.0 through 3.1.7 /ui/dependencies endpoint returns the full DAG dependency graph without filtering by authorized DAG IDs. This allows an authenticated user with only DAG De… |
| CVE-2026-28779 | unknown | — | — | 3mo ago | Apache Airflow versions 3.1.0 through 3.1.7 session token (_token) in cookies is set to path=/ regardless of the configured [webserver] base_url or [api] base_url. This allows any application co-host… |
| CVE-2026-26929 | unknown | — | — | 3mo ago | Apache Airflow versions 3.0.0 through 3.1.7 FastAPI DagVersion listing API does not apply per-DAG authorization filtering when the request is made with dag_id set to "~" (wildcard for all DAGs). As a… |
| CVE-2025-27555 | unknown | — | — | 3mo ago | Apache Airflow exposes sensitive information in its log files |
| CVE-2024-56373 | unknown | — | — | 3mo ago | Apache Airflow vulnerable to Code Injection in the web-server context via LogTemplate table |
| CVE-2025-65995 | unknown | — | — | 3mo ago | Apache Airflow error reporting may expose full kwargs |
| CVE-2026-24098 | unknown | — | — | 4mo ago | Apache Airflow versions 3.0.0 - 3.1.7 have a vulnerability that allows authenticated UI users with permission to one or more specific Dags to view import errors generated by other Dags they did not hav… |
| CVE-2026-22922 | unknown | — | — | 4mo ago | Apache Airflow versions 3.1.0 through 3.1.6 contain an authorization flaw that can allow an authenticated user with custom permissions limited to task access to view task logs without having task log… |
| CVE-2025-68675 | unknown | — | — | 5mo ago | In Apache Airflow versions before 3.1.6, and 2.11.1 the proxies and proxy fields within a Connection may include proxy URLs containing embedded authentication information. These fields were not treat… |
| CVE-2025-68438 | unknown | — | — | 5mo ago | In Apache Airflow versions before 3.1.6, when rendered template fields in a Dag exceed [core] max_templated_field_length, sensitive values could be exposed in cleartext in the Rendered Templates UI. … |
| CVE-2025-67895 | unknown | — | — | 6mo ago | Edge3 Worker RPC RCE on Airflow 2. This issue affects Apache Airflow Providers Edge3: before 2.0.0 - and only if you installed and configured it on Airflow 2. The Edge3 provider support in Airflo… |
| CVE-2025-66388 | unknown | — | — | 6mo ago | A vulnerability in Apache Airflow allowed authenticated UI users to view secret values in rendered templates due to secrets not being properly redacted, potentially exposing secrets to users without … |
| CVE-2025-54941 | unknown | — | — | 7mo ago | Apache Airflow has a command injection vulnerability in "example_dag_decorator" |
| CVE-2025-62402 | unknown | — | — | 7mo ago | Apache Airflow `/api/v2/dagReports` executes DAG Python in API |
| CVE-2025-62503 | unknown | — | — | 7mo ago | Apache Airflow's create action can upsert existing Pools/Connections/Variables |
| CVE-2025-54831 | unknown | — | — | 8mo ago | Apache Airflow 3 introduced a change to the handling of sensitive information in Connections. The intent was to restrict access to sensitive connection fields to Connection Editing Users, effectively… |
| CVE-2024-45784 | unknown | — | — | 2y ago | Apache Airflow versions before 2.10.3 contain a vulnerability that could expose sensitive configuration variables in task logs. This vulnerability allows DAG authors to unintentionally or intentional… |
| CVE-2024-50378 | unknown | — | — | 2y ago | Apache Airflow vulnerable to Insertion of Sensitive Information Into Sent Data |
| CVE-2024-45498 | unknown | — | — | 2y ago | Example DAG: example_inlet_event_extra.py shipped with Apache Airflow version 2.10.0 has a vulnerability that allows an authenticated attacker with only DAG trigger permission to execute arbitrary co… |
| CVE-2024-45034 | unknown | — | — | 2y ago | Apache Airflow versions before 2.10.1 have a vulnerability that allows DAG authors to add local settings to the DAG folder and get it executed by the scheduler, where the scheduler is not supposed to… |
| CVE-2024-41937 | unknown | — | — | 2y ago | Apache Airflow versions before 2.10.0 have a vulnerability that allows the developer of a malicious provider to execute a cross-site scripting attack when clicking on a provider documentation link.… |
| CVE-2024-42447 | unknown | — | — | 2y ago | Insufficient Session Expiration vulnerability in Apache Airflow Providers FAB. This issue affects Apache Airflow Providers FAB: 1.2.1 (when used with Apache Airflow 2.9.3) and FAB 1.2.0 for all Airf… |
| CVE-2024-39877 | unknown | — | — | 2y ago | Apache Airflow 2.4.0, and versions before 2.9.3, has a vulnerability that allows authenticated DAG authors to craft a doc_md parameter in a way that could execute arbitrary code in the scheduler cont… |
| CVE-2024-39863 | unknown | — | — | 2y ago | Apache Airflow versions before 2.9.3 have a vulnerability that allows an authenticated attacker to inject a malicious link when installing a provider. Users are recommended to upgrade to version 2.9.… |
| CVE-2024-25142 | unknown | — | — | 2y ago | Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow. Airflow did not return "Cache-Control" header for dynamic content, which in case of some browsers could re… |
| CVE-2024-32077 | unknown | — | — | 2y ago | Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated attacker to inject malicious data into the task instance logs. Users are recommended to upgrade to version 2.9.1, which … |
| CVE-2024-31869 | unknown | — | — | 2y ago | Apache Airflow: Sensitive configuration for providers displayed when "non-sensitive-only" config used |
| CVE-2024-29735 | unknown | — | — | 2y ago | Apache Airflow Improper Preservation of Permissions vulnerability |
| CVE-2024-28746 | unknown | — | — | 2y ago | Apache Airflow, versions 2.8.0 through 2.8.2, has a vulnerability that allows an authenticated user with limited permissions to access resources such as variables, connections, etc from the UI which … |
| CVE-2024-26280 | unknown | — | — | 2y ago | Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated Ops and Viewers users to view all information on audit logs, including dag names and usernames they were not permi… |
| CVE-2024-27906 | unknown | — | — | 2y ago | Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated users to view DAG code and import errors of DAGs they do not have permission to view through the API and the UI. … |
| CVE-2023-50943 | unknown | — | — | 2y ago | Apache Airflow, versions before 2.8.1, have a vulnerability that allows a potential attacker to poison the XCom data by bypassing the protection of "enable_xcom_pickling=False" configuration setting … |
| CVE-2023-50944 | unknown | — | — | 2y ago | Apache Airflow, versions before 2.8.1, have a vulnerability that allows an authenticated user to access the source code of a DAG to which they don't have access. This vulnerability is considered low … |
| CVE-2023-51702 | unknown | — | — | 2y ago | Apache Airflow CNCF Kubernetes provider, Apache Airflow: Kubernetes configuration file saved without encryption in the Metadata and logged as plain text in the Triggerer service |
| CVE-2023-50783 | unknown | — | — | 3y ago | Apache Airflow, versions before 2.8.0, is affected by a vulnerability that allows an authenticated user without the variable edit permission, to update a variable. This flaw compromises the integrity… |
| CVE-2023-49920 | unknown | — | — | 3y ago | Apache Airflow, version 2.7.0 through 2.7.3, has a vulnerability that allows an attacker to trigger a DAG in a GET request without CSRF validation. As a result, it was possible for a malicious websit… |
| CVE-2023-48291 | unknown | — | — | 3y ago | Apache Airflow, in versions prior to 2.8.0, contains a security vulnerability that allows an authenticated user with limited access to some DAGs, to craft a request that could give the user write acc… |
| CVE-2023-47265 | unknown | — | — | 3y ago | Apache Airflow, versions 2.6.0 through 2.7.3 has a stored XSS vulnerability that allows a DAG author to add an unbounded and not-sanitized javascript in the parameter description field of the DAG. Th… |
| CVE-2023-42781 | unknown | — | — | 3y ago | Apache Airflow, versions before 2.7.3, has a vulnerability that allows an authorized user who has access to read specific DAGs only, to read information about task instances in other DAGs. This is a… |
| CVE-2023-47037 | unknown | — | — | 3y ago | We failed to apply CVE-2023-40611 in 2.7.1 and this vulnerability was marked as fixed then. Apache Airflow, versions before 2.7.3, is affected by a vulnerability that allows authenticated and DAG-v… |
| CVE-2023-46215 | unknown | — | — | 3y ago | Apache Airflow Celery provider Insertion of Sensitive Information into Log File vulnerability |
| CVE-2023-46288 | unknown | — | — | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Airflow. This issue affects Apache Airflow from 2.4.0 to 2.7.0. Sensitive configuration information has been exposed… |
| CVE-2023-42663 | unknown | — | — | 3y ago | Apache Airflow, versions before 2.7.2, has a vulnerability that allows an authorized user who has access to read specific DAGs only, to read information about task instances in other DAGs. Users of A… |
| CVE-2023-45348 | unknown | — | — | 3y ago | Apache Airflow, versions 2.7.0 and 2.7.1, is affected by a vulnerability that allows an authenticated user to retrieve sensitive configuration information when the "expose_config" option is set to "… |
| CVE-2023-42792 | unknown | — | — | 3y ago | Apache Airflow, in versions prior to 2.7.2, contains a security vulnerability that allows an authenticated user with limited access to some DAGs, to craft a request that could give the user write acc… |
| CVE-2023-42780 | unknown | — | — | 3y ago | Apache Airflow, versions prior to 2.7.2, contains a security vulnerability that allows authenticated users of Airflow to list warnings for all DAGs, even if the user had no permission to see those DA… |
| CVE-2023-40712 | unknown | — | — | 3y ago | Apache Airflow, versions before 2.7.1, is affected by a vulnerability that allows authenticated users who have access to see the task/dag in the UI, to craft a URL, which could lead to unmasking the … |
| CVE-2023-40611 | unknown | — | — | 3y ago | Apache Airflow, versions before 2.7.1, is affected by a vulnerability that allows authenticated and DAG-view authorized Users to modify some DAG run detail values when submitting notes. This could ha… |
| CVE-2023-39441 | unknown | — | — | 3y ago | Apache Airflow missing Certificate Validation |
| CVE-2023-37379 | unknown | — | — | 3y ago | Apache Airflow, in versions prior to 2.7.0, contains a security vulnerability that can be exploited by an authenticated user possessing Connection edit privileges. This vulnerability allows the user … |
| CVE-2023-40273 | unknown | — | — | 3y ago | The session fixation vulnerability allowed the authenticated user to continue accessing Airflow webserver even after the password of the user has been reset by the admin - up until the expiry of the … |
| CVE-2023-39553 | unknown | — | — | 3y ago | Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider. Apache Airflow Drill Provider is affected by a vulnerability that allows an attacker to pass in m… |
| CVE-2023-39508 | unknown | — | — | 3y ago | Execution with Unnecessary Privileges / Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Airflow. The "Run Task" feature enables authentic… |
| CVE-2023-22888 | unknown | — | — | 3y ago | Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an attacker to cause a service disruption by manipulating the run_id parameter. This vulnerability is considered low … |
| CVE-2023-22887 | unknown | — | — | 3y ago | Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an attacker to perform unauthorized file access outside the intended directory structure by manipulating the run_id p… |
| CVE-2023-36543 | unknown | — | — | 3y ago | Apache Airflow, versions before 2.6.3, has a vulnerability where an authenticated user can use crafted input to make the current request hang. It is recommended to upgrade to a version that is not af… |
| CVE-2023-35908 | unknown | — | — | 3y ago | Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows unauthorized read access to a DAG through the URL. It is recommended to upgrade to a version that is not affected. |
| CVE-2022-46651 | unknown | — | — | 3y ago | Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an unauthorized actor to gain access to sensitive information in Connection edit view. This vulnerability is consider… |
| CVE-2023-35005 | unknown | — | — | 3y ago | In Apache Airflow, some potentially sensitive values were being shown to the user in certain situations. This vulnerability is mitigated by the fact configuration is not shown in the UI by default (… |
| CVE-2023-25754 | unknown | — | — | 3y ago | Privilege Context Switching Error vulnerability in Apache Software Foundation Apache Airflow. This issue affects Apache Airflow: before 2.6.0. |
| CVE-2023-29247 | unknown | — | — | 3y ago | Task instance details page in the UI is vulnerable to a stored XSS. This issue affects Apache Airflow: before 2.6.0. |
| CVE-2023-28707 | unknown | — | — | 3y ago | Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider. This issue affects Apache Airflow Drill Provider: before 2.3.2. |
| CVE-2023-25695 | unknown | — | — | 3y ago | Generation of Error Message Containing Sensitive Information vulnerability in Apache Software Foundation Apache Airflow. This issue affects Apache Airflow: before 2.5.2. |
| CVE-2023-25693 | unknown | — | — | 3y ago | Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider. This issue affects Apache Airflow Sqoop Provider versions before 3.1.1. |
| CVE-2023-22884 | unknown | — | — | 3y ago | Command Injection in Apache Airflow and Apache Airflow MySQL Provider |
| CVE-2022-40189 | unknown | — | — | 4y ago | OS Command Injection in Apache Airflow |
| CVE-2022-40954 | unknown | — | — | 4y ago | OS Command Injection in Apache Airflow |
| CVE-2022-38649 | unknown | — | — | 4y ago | OS Command Injection in Apache Airflow |
| CVE-2022-45402 | unknown | — | — | 4y ago | In Apache Airflow versions prior to 2.4.3, there was an open redirect in the webserver's `/login` endpoint. |
| CVE-2022-40127 | unknown | — | — | 4y ago | A vulnerability in Example Dags of Apache Airflow allows an attacker with UI access who can trigger DAGs, to execute arbitrary commands via manually provided run_id parameter. This issue affects Apac… |
| CVE-2022-27949 | unknown | — | — | 4y ago | A vulnerability in UI of Apache Airflow allows an attacker to view unmasked secrets in rendered template values for tasks which were not executed (for example when they were depending on past and pre… |
| CVE-2022-43982 | unknown | — | — | 4y ago | In Apache Airflow versions prior to 2.4.2, the "Trigger DAG with config" screen was susceptible to XSS attacks via the `origin` query argument. |
| CVE-2022-43985 | unknown | — | — | 4y ago | In Apache Airflow versions prior to 2.4.2, there was an open redirect in the webserver's `/confirm` endpoint. |