PT-2026-33314 · Apache · Apache Airflow
Jason Imison
+2
·
Published
2026-04-16
·
Updated
2026-04-16
·
CVE-2026-31987
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
JWT Tokens used by tasks were exposed in logs. This could allow UI users to act as Dag Authors.
Users are advised to upgrade to Airflow version that contains fix.
Users are recommended to upgrade to version 3.2.0, which fixes this issue.
Insertion into Log File
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apache Airflow