Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Network-reachable API, low complexity, but PR:L because exploitation requires authenticated access with a specific bulk Variable read permission grant; confidentiality fully compromised for affected variables; no integrity or availability impact.
Primary rating from Vendor (apache).
CVSS VectorVendor: apache
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
2DescriptionCVE.org
The Bulk Variables API in Apache Airflow called the redactor without passing the variable's key, so the key-based should_hide_value_for_key check (which triggers on secret-suffixed key names like *_password / *_token / *_secret) could not fire for JSON-decodable variable values. An authenticated UI/API user with bulk Variable read permission could retrieve plaintext values from JSON variables whose key would otherwise trigger redaction. Affects deployments that store sensitive values in JSON-typed Airflow Variables under secret-suffixed key names. Users are advised to upgrade to apache-airflow 3.3.0 or later (the fix landed on main after 3.2.2; no 3.2.x backport).
AnalysisAI
Sensitive credential exposure in Apache Airflow's Bulk Variables API allows authenticated users with bulk Variable read permission to retrieve plaintext values from JSON-typed variables whose key names use secret-suffixed conventions such as *_password, *_token, or *_secret. The redactor function was invoked without passing the variable key, so the should_hide_value_for_key check - which is responsible for masking secrets based on key-name patterns - could never fire for JSON-decodable variable values. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires: (1) an authenticated Airflow user session - unauthenticated access is not possible; (2) the account must hold the bulk Variable read permission, which is a specific, grantable Airflow RBAC permission and is not assigned to all authenticated users by default; (3) the target deployment must store sensitive values in Variables that are JSON-typed (i.e., the value is a valid JSON document, not a plain string); and (4) those Variables must use key names matching secret-indicating suffixes such as `*_password`, `*_token`, or `*_secret`. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | No vendor-provided CVSS score was supplied for this CVE, so risk must be assessed from first principles. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker with a valid Airflow account that holds bulk Variable read permission - such as a data engineer, analyst, or a compromised service account - calls the Bulk Variables API endpoint and receives a response containing all variables. Because the redactor receives no key context for JSON-typed variables, values stored under keys like `prod_db_password` or `stripe_api_token` are returned in cleartext rather than masked, allowing the attacker to harvest credentials without triggering any redaction. … |
| Remediation | Upgrade to `apache-airflow` 3.3.0 or later, which contains the fix introduced via pull request https://github.com/apache/airflow/pull/67495. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Apache Airflow
View allRemote code execution in Apache Airflow before 3.3.0 lets a DAG author embed a malicious trigger whose attacker-controll
Command injection in Apache Airflow's BashOperator documentation example allows authenticated attackers to escalate priv
The example example_xcom that was included in airflow documentation implemented unsafe pattern of reading value from xco
CVE-2026-30911 is a security vulnerability (CVSS 8.1) that allows any authenticated task instance. High severity vulnera
Apache Airflow 3.0.0 through 3.1.x exposes JWT authentication tokens in application logs, allowing any authenticated UI
CVE-2026-28779 is a security vulnerability (CVSS 7.5) that allows any application co-hosted under the same domain. High
Apache Airflow 3.0.x prior to 3.2.0 allows remote unauthenticated attackers to trigger unauthorized DAG (Directed Acycli
{dag_id}` endpoint and its UI equivalent perform authorization only on the requested DAG identifier, not on the full fil
Apache Airflow REST API exposes provider secrets in plaintext through the task-instance detail and list endpoints when t
Apache Airflow's Config API leaks plaintext secrets-backend credentials to authenticated users with Config read permissi
CVE-2026-26929 is a security vulnerability (CVSS 6.5). Remediation should follow standard vulnerability management proce
Incomplete authorization filtering in Apache Airflow's `/ui/dependencies` scheduling graph endpoint exposes restricted D
Same weakness CWE-200 – Information Exposure
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-42028
GHSA-563f-2439-rmq4