CVE-2026-38743 | Apache Airflow up to 3.2.0 Request Parameter /ui/dags insufficient granularity of access control

Inserito da Angelo Barbosa | Apr 24, 2026 | CVE

A vulnerability labeled as problematic has been found in Apache Airflow up to 3.2.0. This affects an unknown function of the file /ui/dags of the component Request Parameter Handler. The manipulation results in insufficient granularity of access control.

This vulnerability is cataloged as CVE-2026-38743. The attack may be launched remotely. There is no exploit available.

The affected component should be upgraded.

CVE-2026-38743 | Apache Airflow up to 3.2.0 Request Parameter /ui/dags insufficient granularity of access control

Post correlati

CVE-2024-25837 | October CMS up to 1.3.8 Comments Section cross site scripting

CVE-2024-21360 | Microsoft unknown vulnerability

CVE-2025-10848 | Campcodes Society Membership Information System 1.0 /check_student.php student_id sql injection

CVE-2025-49010 | OpenSC up to 0.26.x USB stack-based overflow