Apache Airflow <3.2: JWT logs expose Dag authors (CVE-2026-31987): CVE-2026-31987 April 2026

Apache Airflow: JWT token appearing in logs
JWT Tokens used by tasks were exposed in logs. This could allow UI users to act as Dag Authors. Users are advised to upgrade to Airflow version that contains fix. Users are recommended to upgrade to version 3.2.0, which fixes this issue.

Vulnerability Analysis

CVE-2026-31987 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Attack Vector:

NETWORK

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

NONE

Availability Impact:

NONE

Weakness Type

Insertion of Sensitive Information into Log File

Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

Products Associated with CVE-2026-31987

Want to know whenever a new CVE is published for Apache AirFlow? stack.watch will email you.

Apache Airflow <3.2: JWT logs expose Dag authors (CVE-2026-31987)
CVE-2026-31987 Published on April 16, 2026

Vulnerability Analysis

Weakness Type

Insertion of Sensitive Information into Log File

Products Associated with CVE-2026-31987

Affected Versions

Apache Airflow <3.2: JWT logs expose Dag authors (CVE-2026-31987)CVE-2026-31987 Published on April 16, 2026

Vulnerability Analysis

Weakness Type

Insertion of Sensitive Information into Log File

Products Associated with CVE-2026-31987

Affected Versions

Apache Airflow <3.2: JWT logs expose Dag authors (CVE-2026-31987)
CVE-2026-31987 Published on April 16, 2026