Skip to main content

Apache Airflow CVE-2026-48892

| EUVDEUVD-2026-42024 MEDIUM
Information Exposure (CWE-200)
2026-07-07 apache GHSA-9933-5rrp-mfwx
6.5
CVSS 3.1 · Vendor: apache
Share

Severity by source

Vendor (apache) PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
vuln.today AI
6.5 MEDIUM

Network-accessible API requires authenticated low-privilege account with Config read permission; confidentiality impact is high due to plaintext credential exposure; no integrity or availability impact.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (apache).

CVSS VectorVendor: apache

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

2
CVSS changed
Jul 07, 2026 - 14:22 NVD
6.5 (MEDIUM)
Analysis Generated
Jul 07, 2026 - 10:38 vuln.today

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 454 pypi packages depend on apache-airflow (429 direct, 30 indirect)

Ecosystem-wide dependent count for version 3.3.0.

DescriptionCVE.org

The Config API in Apache Airflow surfaced per-key secrets-backend overrides (environment variables like AIRFLOW__SECRETS__BACKEND_KWARG__SECRET_ID and AIRFLOW__WORKERS__SECRETS_BACKEND_KWARG__SECRET_ID) as synthetic config options whose option names were not in sensitive_config_values, so the masker did not redact them. An authenticated UI/API user with Config read permission could retrieve plaintext secrets-backend credentials (Vault role_id / secret_id, etc.) from the Config API output. Affects deployments that configure secrets backends via per-key environment overrides. Users are advised to upgrade to apache-airflow 3.3.0 or later.

AnalysisAI

Apache Airflow's Config API leaks plaintext secrets-backend credentials to authenticated users with Config read permission, because per-key environment variable overrides (e.g., AIRFLOW__SECRETS__BACKEND_KWARG__SECRET_ID) generate synthetic config entries whose names are absent from the sensitive_config_values masking list. Affected deployments are those that configure secrets backends such as HashiCorp Vault via these per-key environment variable patterns, exposing credentials like Vault role_id and secret_id through normal API responses. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate to Airflow with Config read permission
Delivery
Issue GET request to Config API
Exploit
Receive unredacted BACKEND_KWARG environment values in response
Execution
Use harvested Vault role_id and secret_id to authenticate to secrets backend
Impact
Enumerate and exfiltrate managed secrets

Vulnerability AssessmentAI

Exploitation Exploitation requires three concurrent conditions: (1) the attacker holds a valid Airflow account with the Config read permission granted - unauthenticated or unprivileged users cannot trigger this path; (2) the target deployment configures its secrets backend using per-key environment variable overrides in the AIRFLOW__SECRETS__BACKEND_KWARG__* or AIRFLOW__WORKERS__SECRETS_BACKEND_KWARG__* namespace - deployments using only the top-level AIRFLOW__SECRETS__BACKEND or inline kwarg configuration are not exposed; and (3) those environment variables contain actual credentials (e.g., Vault role_id, secret_id). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment No CVSS vector was provided by NVD or the vendor advisory, so all metric judgments below are independently inferred from the description. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has obtained or holds a low-privileged Airflow account with Config read permission issues a GET request to the Airflow Config API endpoint. Because the per-key secrets-backend override option names are absent from the masker's allowlist, the API response includes the plaintext Vault role_id and secret_id. …
Remediation The primary fix is to upgrade to apache-airflow 3.3.0 or later, which corrects the masking omission so that per-key BACKEND_KWARG environment variable names are included in sensitive_config_values and redacted in Config API output. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-33264 CRITICAL
9.8 Jul 07

Remote code execution in Apache Airflow before 3.3.0 lets a DAG author embed a malicious trigger whose attacker-controll

CVE-2026-30898 HIGH
8.8 Apr 18

Command injection in Apache Airflow's BashOperator documentation example allows authenticated attackers to escalate priv

CVE-2025-54550 HIGH
8.1 Apr 15

The example example_xcom that was included in airflow documentation implemented unsafe pattern of reading value from xco

CVE-2026-30911 HIGH
8.1 Mar 17

CVE-2026-30911 is a security vulnerability (CVSS 8.1) that allows any authenticated task instance. High severity vulnera

CVE-2026-31987 HIGH
7.5 Apr 16

Apache Airflow 3.0.0 through 3.1.x exposes JWT authentication tokens in application logs, allowing any authenticated UI

CVE-2026-28779 HIGH
7.5 Mar 17

CVE-2026-28779 is a security vulnerability (CVSS 7.5) that allows any application co-hosted under the same domain. High

CVE-2026-32228 HIGH
7.5 Apr 18

Apache Airflow 3.0.x prior to 3.2.0 allows remote unauthenticated attackers to trigger unauthorized DAG (Directed Acycli

CVE-2026-49296 MEDIUM
6.5 Jul 07

{dag_id}` endpoint and its UI equivalent perform authorization only on the requested DAG identifier, not on the full fil

CVE-2026-49487 MEDIUM
6.5 Jul 07

Apache Airflow REST API exposes provider secrets in plaintext through the task-instance detail and list endpoints when t

CVE-2026-48828 MEDIUM
6.5 Jul 07

Sensitive credential exposure in Apache Airflow's Bulk Variables API allows authenticated users with bulk Variable read

CVE-2026-26929 MEDIUM
6.5 Mar 17

CVE-2026-26929 is a security vulnerability (CVSS 6.5). Remediation should follow standard vulnerability management proce

CVE-2026-48891 MEDIUM
4.3 Jul 07

Incomplete authorization filtering in Apache Airflow's `/ui/dependencies` scheduling graph endpoint exposes restricted D

Share

CVE-2026-48892 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy