CVE-2026-49298
JWT Token Exposure in Apache Airflow KubernetesExecutor
Publication date: 2026-06-01
Last updated on: 2026-06-01
Assigner: Apache Software Foundation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| apache | apache-airflow | 3.2.2 |
| apache | apache-airflow-providers-cncf-kubernetes | 10.17.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-538 | The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a bug in Apache Airflow's KubernetesExecutor where JWT tokens used by worker pods to authenticate against the Execution API are passed as command-line arguments visible in the pod specification.
An authenticated UI/API user with Kubernetes read-only access to the cluster (for example, permission to get pods in the Airflow namespace) can extract the JWT token by running 'kubectl describe pod'.
With the harvested JWT token, the attacker can call state-mutating Execution API endpoints, allowing them to trigger DAG runs, clear runs, and read or write Variables, Connections, or XComs, effectively acting as if they were a running task.
This affects deployments using the KubernetesExecutor and requires upgrading Apache Airflow to version 3.2.2 or later to fix the issue.
How can this vulnerability impact me? :
If exploited, this vulnerability allows an attacker with limited Kubernetes read-only access to escalate their privileges within Apache Airflow.
The attacker can perform unauthorized actions such as triggering DAG runs, clearing existing runs, and reading or modifying sensitive configuration data like Variables, Connections, and XComs.
This could lead to disruption of workflows, unauthorized data access or modification, and potential compromise of the Airflow environment's integrity.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by inspecting Kubernetes pods running Apache Airflow with the KubernetesExecutor to see if JWT tokens are exposed as command-line arguments in the pod specifications.
A practical command to detect this is to use kubectl to describe pods in the Airflow namespace and look for JWT tokens in the command-line arguments:
- kubectl describe pod <pod-name> -n <airflow-namespace>
If JWT tokens appear in the output under the command or args sections, this indicates the vulnerability is present.
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade Apache Airflow to version 3.2.2 or later.
Additionally, if you have already upgraded apache-airflow-providers-cncf-kubernetes to 10.17.0 or later as per the related CVE-2026-27173 advisory, you must also upgrade apache-airflow itself to 3.2.2 or later to fully close the vulnerability.
These two upgrades are complementary and both are required to fully mitigate the issue.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows an authenticated UI/API user with Kubernetes read-only access to harvest JWT tokens from pod specifications and use them to perform unauthorized state-mutating actions on the Execution API. This exposure of authentication tokens and unauthorized access could lead to data integrity and confidentiality issues.
Such unauthorized access and token leakage may impact compliance with standards and regulations like GDPR and HIPAA, which require strict controls over access to sensitive data and auditability of actions. The ability to impersonate running tasks and modify variables, connections, or other sensitive data could violate these compliance requirements.
Users are advised to upgrade to Apache Airflow 3.2.2 or later to mitigate this risk.