PT-2026-33593 · Apache · Apache Airflow

Jason

Published

2026-04-18

Updated

2026-04-21

CVE-2026-30912

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Apache Airflow versions prior to 3.2.0

Description SQL errors cause the API to expose exception and stack trace information, even when the api/expose stack traces setting is disabled. This behavior can leak sensitive information to a potential attacker.

Recommendations Upgrade to version 3.2.0.

Fix

Exposure of Resource to Wrong Sphere

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-668

Related Identifiers

BIT-AIRFLOW-2026-30912

CVE-2026-30912

GHSA-W7CF-2PMC-5M4C

PYSEC-2026-18

Affected Products

Apache Airflow

PT-2026-33593 · Apache · Apache Airflow

CVE-2026-30912

Weakness Enumeration

Related Identifiers

Affected Products

References · 11