{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25917", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2026-02-09T11:43:28.920Z", "datePublished": "2026-04-18T06:20:11.187Z", "dateUpdated": "2026-04-22T13:58:49.807Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://pypi.python.org", "defaultStatus": "unaffected", "packageName": "apache-airflow", "product": "Apache Airflow", "vendor": "Apache Software Foundation", "versions": [{"lessThan": "3.2.0", "status": "affected", "version": "0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Mahammad Huseynkhanli"}, {"lang": "en", "type": "remediation developer", "value": "Amogh Desai"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Dag Authors, who normally should not be able to execute code in the webserver context could craft XCom payload causing the webserver to execute arbitrary code. Since Dag Authors are already highly trusted, severity of this issue is Low.<br><br>Users are recommended to upgrade to Apache Airflow 3.2.0, which fixes the issue.<br>"}], "value": "Dag Authors, who normally should not be able to execute code in the webserver context could craft XCom payload causing the webserver to execute arbitrary code. Since Dag Authors are already highly trusted, severity of this issue is Low.\n\nUsers are recommended to upgrade to Apache Airflow 3.2.0, which fixes the issue."}], "metrics": [{"other": {"content": {"text": "low"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-502", "description": "CWE-502: Deserialization of Untrusted Data", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2026-04-18T06:20:11.187Z"}, "references": [{"name": "Apache Airflow PR #61641 (fix)", "tags": ["patch"], "url": "https://github.com/apache/airflow/pull/61641"}, {"tags": ["vendor-advisory"], "url": "https://lists.apache.org/thread/6whgpkqbh12rvpfmvcg8b0vwlv4hq3po"}], "source": {"discovery": "UNKNOWN"}, "title": "Apache Airflow: API extra-links triggers XCom deserialization/class instantiation (Airflow 3.1.5)", "x_generator": {"engine": "airflow-s/generate_cve_json.py"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2026/04/17/9"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-04-18T06:28:53.080Z"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-22T03:55:40.721298Z", "id": "CVE-2026-25917", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-22T13:58:49.807Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25917", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2026-02-09T11:43:28.920Z", "datePublished": "2026-04-18T06:20:11.187Z", "dateUpdated": "2026-04-22T13:58:49.807Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://pypi.python.org", "defaultStatus": "unaffected", "packageName": "apache-airflow", "product": "Apache Airflow", "vendor": "Apache Software Foundation", "versions": [{"lessThan": "3.2.0", "status": "affected", "version": "0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Mahammad Huseynkhanli"}, {"lang": "en", "type": "remediation developer", "value": "Amogh Desai"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Dag Authors, who normally should not be able to execute code in the webserver context could craft XCom payload causing the webserver to execute arbitrary code. Since Dag Authors are already highly trusted, severity of this issue is Low.<br><br>Users are recommended to upgrade to Apache Airflow 3.2.0, which fixes the issue.<br>"}], "value": "Dag Authors, who normally should not be able to execute code in the webserver context could craft XCom payload causing the webserver to execute arbitrary code. Since Dag Authors are already highly trusted, severity of this issue is Low.\n\nUsers are recommended to upgrade to Apache Airflow 3.2.0, which fixes the issue."}], "metrics": [{"other": {"content": {"text": "low"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-502", "description": "CWE-502: Deserialization of Untrusted Data", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2026-04-18T06:20:11.187Z"}, "references": [{"name": "Apache Airflow PR #61641 (fix)", "tags": ["patch"], "url": "https://github.com/apache/airflow/pull/61641"}, {"tags": ["vendor-advisory"], "url": "https://lists.apache.org/thread/6whgpkqbh12rvpfmvcg8b0vwlv4hq3po"}], "source": {"discovery": "UNKNOWN"}, "title": "Apache Airflow: API extra-links triggers XCom deserialization/class instantiation (Airflow 3.1.5)", "x_generator": {"engine": "airflow-s/generate_cve_json.py"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2026/04/17/9"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-04-18T06:28:53.080Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-25917", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-22T03:55:40.721298Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-20T15:55:21.768Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*", "matchCriteriaId": "98A505A1-464C-4895-A628-9D8BEA1458E4", "versionEndExcluding": "3.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Dag Authors, who normally should not be able to execute code in the webserver context could craft XCom payload causing the webserver to execute arbitrary code. Since Dag Authors are already highly trusted, severity of this issue is Low.\n\nUsers are recommended to upgrade to Apache Airflow 3.2.0, which fixes the issue."}], "id": "CVE-2026-25917", "lastModified": "2026-04-22T14:16:36.140", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-18T07:16:09.347", "references": [{"source": "security@apache.org", "tags": ["Issue Tracking"], "url": "https://github.com/apache/airflow/pull/61641"}, {"source": "security@apache.org", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread/6whgpkqbh12rvpfmvcg8b0vwlv4hq3po"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2026/04/17/9"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-502"}], "source": "security@apache.org", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,3.2.0)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Apache Airflow", "source": "cna", "vendor": "Apache Software Foundation"}, "product": "airflow", "vendor": "apache"}], "analysis": {"en": {"generated_at": "2026-04-20T18:44:24.580095+00:00", "value": {"mitigation_remediation": ["Upgrade to Apache Airflow 3.2.0 or newer, which contains the deserialization fix.", "Limit Dag Author privileges to reduce the ability to submit arbitrary XCom payloads or disable the API endpoints that expose XCom deserialization if the feature is not needed.", "Apply strict role\u2011based access control on the Airflow webserver, ensuring that only users with the minimal necessary permissions can interact with XCom or execute DAG code."], "summary": {"action": "Apply Patch", "impact": "Remote code execution"}, "threat_synthesis": {"affected_systems": "Apache Airflow versions prior to 3.2.0, including 3.1.5, are impacted. The advisory recommends updating to Airflow 3.2.0 or newer to address the issue. Earlier releases that still use the same XCom deserialization logic are also susceptible.", "description_and_impact": "A crafted XCom payload can cause Apache Airflow\u2019s webserver to deserialize arbitrary data and instantiate classes, allowing a Dag Author to execute code in the webserver process. The vulnerability originates from the API extra\u2011links handling and results in untrusted data being deserialized without validation. This flaw enables Remote Code Execution for users with Dag Author privileges, which are considered highly trusted but still pose a risk if they abuse this capability.", "risk_and_exploitability": "CWE\u2011502 classifies this as Deserialization of Untrusted Data; the CVSS score of 9.8 indicates critical severity, however the reported impact is considered low because the attacker must already have Dag Author status, a level of trust within a project. EPSS score < 1% indicates a very low exploitation probability and the vulnerability is not listed in the CISA KEV catalog. Exploit would require the attacker to craft an XCom payload and submit it through the webserver API, which may be limited by role\u2011based access controls. In environments where Dag Authors have unrestricted API access, the risk is heightened, but in tightly controlled deployments the likelihood of exploitation remains moderate."}}}}, "created": "2026-04-18T08:45:41.377719+00:00", "updated": "2026-04-20T18:45:14.233890+00:00", "vendors": ["apache", "apache$PRODUCT$airflow"]}