PT-2026-42004 · Apache Airflow · Apache Airflow Amazon Provider

Justin Pakzad · Published 2026-05-19 · Updated 2026-05-20 · CVE-2026-42526

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

apache-airflow-providers-amazon versions prior to 9.28.0

Description

In the AWS Secrets Manager and SSM Parameter Store secrets backends, the team-scoping logic could resolve a conn id containing a / (for example, "my team/conn") to the same path as another team's team-scoped secret when the caller lacked team context. This allows a privileged caller without team context to retrieve secrets from another team by crafting a colliding conn id. This issue only affects the experimental multi-tenant teams feature.

Recommendations

Upgrade to version 9.28.0.
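
The collision described above can be reproduced with a small path builder. This is an added illustration, not code from apache-airflow-providers-amazon and not the 9.28.0 fix. It assumes team secrets are stored at `<prefix>/<team>/<conn_id>` and global ones at `<prefix>/<conn_id>`; the prefix, function names and sample ids are hypothetical. The strict builder generalizes the check to every path component.

```python
# Added illustration; not the provider's code. Assumed layout:
#   team-scoped secret: <prefix>/<team>/<conn_id>
#   global secret:      <prefix>/<conn_id>
from typing import Callable, Optional

PREFIX = "airflow/connections"  # assumed prefix for this example
SEP = "/"


class InvalidSecretComponent(ValueError):
    """Raised when a path component could change the path depth."""


def naive_secret_path(conn_id: str, team: Optional[str] = None) -> str:
    """Joins components without validating them (the colliding pattern)."""
    parts = [PREFIX, team, conn_id] if team else [PREFIX, conn_id]
    return SEP.join(parts)


def _check(component: str, label: str) -> str:
    # A component carrying the separator can impersonate a deeper path level.
    if not component or SEP in component:
        raise InvalidSecretComponent(
            f"{label} {component!r} is empty or contains {SEP!r}")
    return component


def strict_secret_path(conn_id: str, team: Optional[str] = None) -> str:
    """Validates every component before the path is built."""
    conn_id = _check(conn_id, "conn_id")
    if team is None:
        return SEP.join([PREFIX, conn_id])
    return SEP.join([PREFIX, _check(team, "team"), conn_id])


def collides(conn_id: str, other_team: str, other_conn: str,
             builder: Callable[..., str]) -> bool:
    """True if a caller with no team context lands on other_team's path."""
    try:
        return builder(conn_id) == builder(other_conn, other_team)
    except InvalidSecretComponent:
        return False  # rejected before any backend lookup happens


if __name__ == "__main__":
    # Constructed sample values: team "team_a" owns connection "db".
    print(collides("team_a/db", "team_a", "db", naive_secret_path))
    print(collides("team_a/db", "team_a", "db", strict_secret_path))
```
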

Fix

Weakness Enumeration

Incorrect Authorization

Related Identifiers

CVE-2026-42526

Affected Products

Apache Airflow Amazon Provider