CVE-2026-25219 | Apache Airflow up to 3.1.7 Azure Service Bus access_key/connection_string information disclosure

Inserito da Angelo Barbosa | Apr 15, 2026 | CVE

A vulnerability was found in Apache Airflow up to 3.1.7 and classified as problematic. This impacts an unknown function of the component Azure Service Bus. Executing a manipulation of the argument access_key/connection_string can lead to information disclosure.

This vulnerability appears as CVE-2026-25219. The attacker needs to be present on the local network. There is no available exploit.

It is suggested to upgrade the affected component.

CVE-2026-25219 | Apache Airflow up to 3.1.7 Azure Service Bus access_key/connection_string information disclosure

Post correlati

CVE-2023-45483 | Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn compare_parentcontrol_time stack-based overflow

CVE-2024-6013 | itsourcecode Online Book Store 1.0 admin_delete.php bookisbn sql injection

CVE-2024-0511 | Royal Elementor Addons and Templates Plugin up to 1.3.87 on WordPress wpr_update_form_action_meta cross-site request forgery

CVE-2024-2314 | IOVisor BPF Compiler Collection on Linux Kernel Header kbuild_helper.cc KBuildHelper::get_flags temp file