Apache · Apache Airflow · CVE-2026-31987
**Name of the Vulnerable Software and Affected Versions**
Apache Airflow versions prior to 3.2.0
**Description**
JWT Tokens used by tasks were exposed in logs. This exposure could allow UI users to act as Dag Authors.
**Recommendations**
Upgrade to version 3.2.0.