PT-2026-39578 · Apache Airflow · Apache Airflow Providers Elasticsearch

Aleksandr Sozinov +1 · Published 2026-05-11 · Updated 2026-06-08 · CVE-2026-41018

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

apache-airflow-providers-elasticsearch versions prior to 6.5.3

Description

The Elasticsearch logging provider writes the full host URL into task logs when configured with a host URL that embeds credentials. This allows any user with task-log read permissions to harvest the backend credentials.

Recommendations

Upgrade to version 6.5.3 or later. Configure backend credentials via a secret backend instead of embedding them in the host URL.
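
As a defence-in-depth sketch for the weakness described above, the following added example (not the provider's code and not the change shipped in 6.5.3) flags a host value that carries credentials and masks the userinfo part before anything is logged. All function and class names are hypothetical, and the sample URL is constructed.

```python
import logging
import re
from urllib.parse import urlsplit, urlunsplit

MASK = "***"
# scheme://userinfo@ in free text; greedy so a password containing "@" is fully covered.
_URL_USERINFO = re.compile(r"([A-Za-z][A-Za-z0-9+.\-]*://)[^/\s]+@")


def has_embedded_credentials(host: str) -> bool:
    """True if a configured host value carries userinfo (user or user:password)."""
    parts = urlsplit(host if "://" in host else "//" + host)
    return "@" in parts.netloc


def redact_url(host: str) -> str:
    """Return the host value with any userinfo replaced by MASK, safe to log."""
    had_scheme = "://" in host
    parts = urlsplit(host if had_scheme else "//" + host)
    _userinfo, at, hostport = parts.netloc.rpartition("@")
    if not at:
        return host  # nothing to mask
    out = urlunsplit(parts._replace(netloc=f"{MASK}@{hostport}"))
    return out if had_scheme else out[2:]  # drop the "//" added for parsing


def scrub_text(text: str) -> str:
    """Mask userinfo in every URL found inside a log message."""
    return _URL_USERINFO.sub(lambda m: f"{m.group(1)}{MASK}@", text)


class RedactUrlCredentials(logging.Filter):
    """Hypothetical logging filter: formats the record, then masks URL credentials."""

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = scrub_text(record.getMessage())
        record.args = None  # message is already formatted
        return True


if __name__ == "__main__":
    # Constructed sample value, not taken from the advisory.
    sample = "https://elastic:s3cr3t@es.example.internal:9200"
    logging.basicConfig(level=logging.INFO)
    log = logging.getLogger("demo")
    log.addFilter(RedactUrlCredentials())
    log.info("Reading logs from %s", sample)  # emitted with the userinfo masked
    print(has_embedded_credentials(sample), redact_url(sample))
```

Masking only limits what reaches the log. Credentials that already appeared in task logs written by an affected version remain readable there.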

Fix

Insertion into Log File


Weakness Enumeration

Related Identifiers

CLEANSTART-2026-AZ09261
CVE-2026-41018
GHSA-G3JR-4JRM-JVQV
PYSEC-2026-22

Affected Products

Apache Airflow Providers Elasticsearch