CVE-2026-45426 | Apache Airflow up to 3.2.1 JWT lstrip authorization

Inserito da Angelo Barbosa | Mag 31, 2026 | CVE

A vulnerability categorized as critical has been discovered in Apache Airflow up to 3.2.1. Affected is the function lstrip of the component JWT. Executing a manipulation can lead to authorization bypass.

The identification of this vulnerability is CVE-2026-45426. The attack may be launched remotely. There is no exploit available.

It is advisable to upgrade the affected component.

CVE-2026-45426 | Apache Airflow up to 3.2.1 JWT lstrip authorization

Post correlati

CVE-2025-14252 | Advantech SUSI Driver up to 5.0.24335 susi.sys information disclosure

CVE-2025-15586 | OpenGamePanel OGP-Website up to 52f865a4fba763594453068acf8fa9e3fc38d663 improper authentication

CVE-2023-35876 | WooCommerce Square Plugin up to 3.8.1 on WordPress authorization

CVE-2025-9482 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 portRangeForwardAdd ruleName/schedule/inboundFilter/TCPPorts/UDPPorts stack-based overflow