Apache Airflow <3.3 REST API leak of trigger kwargs secrets
CVE-2026-49487 Published on July 7, 2026
Apache Airflow: Task-instance API exposes secrets in deferred trigger kwargs
In Apache Airflow before 3.3.0, the REST API task-instance detail and list
endpoints returned a deferred task's trigger kwargs without masking. When a
deferred operator passed a secret (for example a provider API key) into its
trigger, any authenticated user with DAG-scoped task-instance read access for
that DAG could read that secret in clear text while the task was deferred.
Users should upgrade to apache-airflow 3.3.0 or later, which masks sensitive
values in trigger kwargs returned by the API.
Vulnerability Analysis
CVE-2026-49487 can be exploited with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Weakness Type
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2026-49487 has been classified to as an Information Disclosure vulnerability or weakness.
Products Associated with CVE-2026-49487
Want to know whenever a new CVE is published for Apache AirFlow? stack.watch will email you.
Affected Versions
Apache Software Foundation Apache Airflow:- Before 3.3.0 is affected.