CVE-2025-54550

EPSS 0.06%
Veröffentlicht 15.04.2026 00:22:03
Zuletzt bearbeitet 17.04.2026 18:38:08
Quelle security@apache.org
CVE-Watchlists
Login
Unerledigt
Login

Apache Airflow: RCE by race condition in example_xcom dag

The example example_xcom that was included in airflow documentation implemented unsafe pattern of reading value
from xcom in the way that could be exploited to allow UI user who had access to modify XComs to perform arbitrary
execution of code on the worker. Since the UI users are already highly trusted, this is a Low severity vulnerability.

It does not affect Airflow release - example_dags are not supposed to be enabled in production environment, however
users following the example could replicate the bad pattern. Documentation of Airflow 3.2.0 contains version of
the example with improved resiliance for that case.

Users who followed that pattern are advised to adjust their implementations accordingly.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

NVD 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apache ≫ Airflow Version < 3.2.0

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.193

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	8.1	2.8	5.2	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

https://lists.apache.org/thread/3mf4cfx070ofsnf9qy0s2v5gqb5sc2g1

Vendor Advisory

Mailing List

https://github.com/apache/airflow/pull/63200

Issue Tracking

http://www.openwall.com/lists/oss-security/2026/04/15/1

Third Party Advisory

Mailing List

https://nvd.nist.gov/vuln/detail/CVE-2025-54550

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-54550

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-54550

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-54550