PT-2026-3231 · Apache · Apache Airflow

Amogh Desai +1 · Published 2026-01-15 · Updated 2026-01-21 · CVE-2025-68438

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Apache Airflow versions prior to 3.1.6

Description

When rendered template fields in a Dag exceed max_templated_field_length, sensitive values could be exposed in cleartext in the Rendered Templates UI. This is due to the serialization of these fields using a secrets masker instance that did not include user-registered mask_secret() patterns, resulting in unreliable masking of secrets before truncation and display.

Recommendations

Upgrade to version 3.1.6 or later to resolve this issue.
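A simplified Python model of the failure mode in the Description, added here as an illustration and not Airflow's own code. ToyMasker, SHARED_MASKER, render_before_fix, render_after_fix, the 60-character limit and the sample secret are constructed for the example; only the names mask_secret() and max_templated_field_length come from the advisory, and the short-field path is an assumption.

```python
import re

MAX_TEMPLATED_FIELD_LENGTH = 60  # constructed small limit so the sample field exceeds it


class ToyMasker:
    """Minimal stand-in for a secrets masker: replaces registered strings with ***."""

    def __init__(self):
        self.patterns = set()

    def add_mask(self, secret):
        if secret:
            self.patterns.add(secret)

    def redact(self, text):
        if not self.patterns:
            return text
        # Longest first so a secret that contains another one is replaced whole.
        alternatives = sorted(self.patterns, key=len, reverse=True)
        return re.sub("|".join(map(re.escape, alternatives)), "***", text)


SHARED_MASKER = ToyMasker()  # the instance that user code registers secrets with


def mask_secret(secret):
    """Model of the user-facing registration call named in the advisory."""
    SHARED_MASKER.add_mask(secret)


def truncate(text):
    if len(text) <= MAX_TEMPLATED_FIELD_LENGTH:
        return text
    return text[:MAX_TEMPLATED_FIELD_LENGTH] + "... [truncated]"


def render_before_fix(field):
    if len(field) <= MAX_TEMPLATED_FIELD_LENGTH:
        return SHARED_MASKER.redact(field)  # assumed normal path for short fields
    # Oversized path: a fresh instance that never saw the mask_secret() patterns.
    return truncate(ToyMasker().redact(field))


def render_after_fix(field):
    # Redact the full value with the shared instance first, then truncate.
    return truncate(SHARED_MASKER.redact(field))


SECRET = "s3cr3t-value-123"  # constructed sample secret
FIELD = f"curl -H 'X-Auth: {SECRET}' https://example.invalid/api/v1/export?full=true"
mask_secret(SECRET)
```

When reviewing a deployment that ran a version prior to 3.1.6, the rendered fields worth checking are those longer than the configured limit that carry values registered through mask_secret().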

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers

BDU:2026-00683
BIT-AIRFLOW-2025-68438
CVE-2025-68438
GHSA-3QMM-R55X-HPXX

Affected Products

Apache Airflow