Skip to main content

Apache Airflow CVE-2026-48828

| EUVDEUVD-2026-42028 MEDIUM
Information Exposure (CWE-200)
2026-07-07 apache GHSA-563f-2439-rmq4
6.5
CVSS 3.1 · Vendor: apache
Share

Severity by source

Vendor (apache) PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
vuln.today AI
6.5 MEDIUM

Network-reachable API, low complexity, but PR:L because exploitation requires authenticated access with a specific bulk Variable read permission grant; confidentiality fully compromised for affected variables; no integrity or availability impact.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (apache).

CVSS VectorVendor: apache

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

2
CVSS changed
Jul 07, 2026 - 14:22 NVD
6.5 (MEDIUM)
Analysis Generated
Jul 07, 2026 - 10:42 vuln.today

DescriptionCVE.org

The Bulk Variables API in Apache Airflow called the redactor without passing the variable's key, so the key-based should_hide_value_for_key check (which triggers on secret-suffixed key names like *_password / *_token / *_secret) could not fire for JSON-decodable variable values. An authenticated UI/API user with bulk Variable read permission could retrieve plaintext values from JSON variables whose key would otherwise trigger redaction. Affects deployments that store sensitive values in JSON-typed Airflow Variables under secret-suffixed key names. Users are advised to upgrade to apache-airflow 3.3.0 or later (the fix landed on main after 3.2.2; no 3.2.x backport).

AnalysisAI

Sensitive credential exposure in Apache Airflow's Bulk Variables API allows authenticated users with bulk Variable read permission to retrieve plaintext values from JSON-typed variables whose key names use secret-suffixed conventions such as *_password, *_token, or *_secret. The redactor function was invoked without passing the variable key, so the should_hide_value_for_key check - which is responsible for masking secrets based on key-name patterns - could never fire for JSON-decodable variable values. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate to Airflow with bulk Variable read permission
Exploit
Call Bulk Variables API endpoint
Execution
Receive JSON-typed variables without key-based redaction
Impact
Extract plaintext secrets from secret-suffixed variable values

Vulnerability AssessmentAI

Exploitation Exploitation requires: (1) an authenticated Airflow user session - unauthenticated access is not possible; (2) the account must hold the bulk Variable read permission, which is a specific, grantable Airflow RBAC permission and is not assigned to all authenticated users by default; (3) the target deployment must store sensitive values in Variables that are JSON-typed (i.e., the value is a valid JSON document, not a plain string); and (4) those Variables must use key names matching secret-indicating suffixes such as `*_password`, `*_token`, or `*_secret`. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment No vendor-provided CVSS score was supplied for this CVE, so risk must be assessed from first principles. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with a valid Airflow account that holds bulk Variable read permission - such as a data engineer, analyst, or a compromised service account - calls the Bulk Variables API endpoint and receives a response containing all variables. Because the redactor receives no key context for JSON-typed variables, values stored under keys like `prod_db_password` or `stripe_api_token` are returned in cleartext rather than masked, allowing the attacker to harvest credentials without triggering any redaction. …
Remediation Upgrade to `apache-airflow` 3.3.0 or later, which contains the fix introduced via pull request https://github.com/apache/airflow/pull/67495. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-33264 CRITICAL
9.8 Jul 07

Remote code execution in Apache Airflow before 3.3.0 lets a DAG author embed a malicious trigger whose attacker-controll

CVE-2026-30898 HIGH
8.8 Apr 18

Command injection in Apache Airflow's BashOperator documentation example allows authenticated attackers to escalate priv

CVE-2025-54550 HIGH
8.1 Apr 15

The example example_xcom that was included in airflow documentation implemented unsafe pattern of reading value from xco

CVE-2026-30911 HIGH
8.1 Mar 17

CVE-2026-30911 is a security vulnerability (CVSS 8.1) that allows any authenticated task instance. High severity vulnera

CVE-2026-31987 HIGH
7.5 Apr 16

Apache Airflow 3.0.0 through 3.1.x exposes JWT authentication tokens in application logs, allowing any authenticated UI

CVE-2026-28779 HIGH
7.5 Mar 17

CVE-2026-28779 is a security vulnerability (CVSS 7.5) that allows any application co-hosted under the same domain. High

CVE-2026-32228 HIGH
7.5 Apr 18

Apache Airflow 3.0.x prior to 3.2.0 allows remote unauthenticated attackers to trigger unauthorized DAG (Directed Acycli

CVE-2026-49296 MEDIUM
6.5 Jul 07

{dag_id}` endpoint and its UI equivalent perform authorization only on the requested DAG identifier, not on the full fil

CVE-2026-49487 MEDIUM
6.5 Jul 07

Apache Airflow REST API exposes provider secrets in plaintext through the task-instance detail and list endpoints when t

CVE-2026-48892 MEDIUM
6.5 Jul 07

Apache Airflow's Config API leaks plaintext secrets-backend credentials to authenticated users with Config read permissi

CVE-2026-26929 MEDIUM
6.5 Mar 17

CVE-2026-26929 is a security vulnerability (CVSS 6.5). Remediation should follow standard vulnerability management proce

CVE-2026-48891 MEDIUM
4.3 Jul 07

Incomplete authorization filtering in Apache Airflow's `/ui/dependencies` scheduling graph endpoint exposes restricted D

Share

CVE-2026-48828 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy