pkg:PyPI/apache-airflow-core

4 total CVEsHIGH2MEDIUM1LOW1

✅ Check your installed version

All known vulnerabilities

  • HIGH7.5CVE-2026-32228Apache Airflow: Users with asset materialization permisssions could trigger Dags they had no access to
    >= 3.0.0, < 3.2.0
  • HIGH7.2CVE-2026-25917Apache Airflow: API extra-links triggers XCom deserialization/class instantiation (Airflow 3.1.5)
    from 0, < 3.2.0
  • MEDIUM5.3CVE-2026-30912Apache Airflow: Exposing stack trace in case of constraint error
    from 0, < 3.2.0
  • LOW3.7CVE-2026-32690Apache Airflow: 3.x - Nested Variable Secret Values Bypass Redaction via max_depth=1
    >= 3.0.0, < 3.2.0