Apache Airflow: Execution API JWT leaked via KubernetesExecutor worker command-line args
High severity
GitHub Reviewed
Published
Jun 1, 2026
to the GitHub Advisory Database
•
Updated Jul 8, 2026
Description
Published by the National Vulnerability Database
Jun 1, 2026
Published to the GitHub Advisory Database
Jun 1, 2026
Reviewed
Jul 8, 2026
Last updated
Jul 8, 2026
A bug in Apache Airflow's KubernetesExecutor caused JWT tokens used by worker pods to authenticate against the Execution API to be passed to the worker container as command-line arguments visible in the pod spec. An authenticated UI/API user with Kubernetes read-only access to the cluster (e.g.
pods/getin the Airflow namespace) could harvest the JWT fromkubectl describe podoutput and then call state-mutating Execution API endpoints — triggering Dag runs, clearing runs, reading or writing Variables / Connections / XComs — as if they were a running task. Affects deployments using theKubernetesExecutor. Users are advised to upgrade toapache-airflow3.2.2 or later. This is the airflow-core half of the same vulnerability addressed by CVE-2026-27173, which shipped the apache-airflow-providers-cncf-kubernetes side of the fix. Deployments that already upgradedapache-airflow-providers-cncf-kubernetesto 10.17.0 or later per the CVE-2026-27173 advisory should additionally upgradeapache-airflowto 3.2.2 or later to close the core-side surface — the two fixes are complementary, not duplicates.References