CVE-2026-25917: Apache Airflow allows code execution through crafted XCom payloads

April 18, 2026 (updated April 28, 2026)

Dag Authors, who normally should not be able to execute code in the webserver context could craft XCom payload causing the webserver to execute arbitrary code. Since Dag Authors are already highly trusted, severity of this issue is Low. Users are recommended to upgrade to Apache Airflow 3.2.0, which fixes the issue.

References

github.com/advisories/GHSA-6ffj-2wg2-w45j
github.com/apache/airflow
github.com/apache/airflow/pull/61641
lists.apache.org/thread/6whgpkqbh12rvpfmvcg8b0vwlv4hq3po
nvd.nist.gov/vuln/detail/CVE-2026-25917

Code Behaviors & Features

Detect and mitigate CVE-2026-25917 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →