CVE-2026-48726 | Apache Airflow up to 3.2.1 FabAuthManager/KeycloakAuthManager revoke_token access control

Inserito da Angelo Barbosa | Mag 31, 2026 | CVE

A vulnerability labeled as critical has been found in Apache Airflow up to 3.2.1. Affected by this issue is the function revoke_token of the component FabAuthManager/KeycloakAuthManager. The manipulation results in improper access controls.

This vulnerability is identified as CVE-2026-48726. The attack can be executed remotely. There is not any exploit available.

The affected component should be upgraded.

CVE-2026-48726 | Apache Airflow up to 3.2.1 FabAuthManager/KeycloakAuthManager revoke_token access control

Post correlati

CVE-2024-9658 | dasinfomedia School Management System Plugin up to 93.0.0 on WordPress Email Address mj_smgt_update_user/mj_smgt_add_admission authentication bypass

CVE-2024-34958 | idcCMS 1.35 banner_deal.php cross-site request forgery

CVE-2026-24469 | frustratedProton http-server up to 1.0 HTTP Request handleRequest filename path traversal (GHSA-qp54-6gfq-3gff)

CVE-2024-12994 | running-elephant Datart 1.0.0-rc3 File Upload /import extractModel file deserialization