CVE-2026-38743

EPSS 0.06%
Veröffentlicht 24.04.2026 12:36:40
Zuletzt bearbeitet 27.04.2026 12:24:28
Quelle security@apache.org
CVE-Watchlists
Login
Unerledigt
Login

Apache Airflow: Dags endpoint might provide access to otherwise inaccessible entities

The authenticated /ui/dags endpoint did not enforce per-DAG access control on embedded Human-in-the-Loop (HITL) and TaskInstance records: a logged-in Airflow user with read access to at least one DAG could retrieve HITL prompts (including their request parameters) and full TaskInstance details for DAGs outside their authorized scope. Because HITL prompts and TaskInstance fields routinely carry operator parameters and free-form context attached to a task, the leak widens visibility of DAG-run data beyond the intended per-DAG RBAC boundary for every authenticated user.

Users are recommended to upgrade to version 3.2.1 , which fixes this issue.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

NVD 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apache ≫ Airflow Version < 3.2.1

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.172

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE-1220 Insufficient Granularity of Access Control

The product implements access controls via a policy or other feature with the intention to disable or restrict accesses (reads and/or writes) to assets in a system from untrusted agents. However, implemented access controls lack required granularity, which renders the control policy too broad because it allows accesses from unauthorized agents to the security-sensitive assets.

https://github.com/apache/airflow/pull/64822

Patch

Issue Tracking

https://lists.apache.org/thread/sk2wj0x48o8qb4p7c47gvnhjbm0mg396

Vendor Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2026/04/24/3

Third Party Advisory

Mailing List

https://nvd.nist.gov/vuln/detail/CVE-2026-38743

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-38743

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-38743

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-38743