CVE-2026-26929 | Apache Airflow up to 3.1.7 FastAPI DagVersion Listing API permission assignment

Inserito da Angelo Barbosa | Mar 17, 2026 | CVE

A vulnerability identified as problematic has been detected in Apache Airflow up to 3.1.7. Impacted is an unknown function of the component FastAPI DagVersion Listing API. This manipulation causes incorrect permission assignment.

This vulnerability is tracked as CVE-2026-26929. The attack is possible to be carried out remotely. No exploit exists.

You should upgrade the affected component.

CVE-2026-26929 | Apache Airflow up to 3.1.7 FastAPI DagVersion Listing API permission assignment

Post correlati

CVE-2024-12710 | WP-Appbox Plugin up to 4.5.3 on WordPress cross site scripting

CVE-2023-51616 | D-Link DIR-X3260 prog.cgi SetSysEmailSettings stack-based overflow

CVE-2025-13552 | D-Link DIR-822K/DWR-M920 1.00_20250513164613/1.1.50 /boafrm/formWlEncrypt submit-url buffer overflow

CVE-2025-1173 | 1000 Projects Bookstore Management System 1.0 process_users_del.php id sql injection