CVE-2026-49267 | Apache Airflow up to 3.2.1 SMTP STARTTLS Connection certificate validation

Inserito da Angelo Barbosa | Giu 1, 2026 | CVE

A vulnerability was found in Apache Airflow up to 3.2.1. It has been declared as problematic. This impacts an unknown function of the component SMTP STARTTLS Connection Handler. Executing a manipulation can lead to improper certificate validation.

This vulnerability appears as CVE-2026-49267. The attack may be performed from remote. There is no available exploit.

It is recommended to upgrade the affected component.

CVE-2026-49267 | Apache Airflow up to 3.2.1 SMTP STARTTLS Connection certificate validation

Post correlati

CVE-2024-47791 | Ruijie Reyee OS prior 2.320.x MQTT Broker wildcards or matching symbols (icsa-24-338-01)

CVE-2024-4609 | Rockwell Automation FactoryTalk View SE up to 13 Datalog sql injection

CVE-2023-38566 | Intel ISPC software prior 1.21.0 uncontrolled search path (intel-sa-00994)

CVE-2024-12839 | Changing Information Technology CGFIDO up to 1.2.0 Device Authentication Login authentication replay