Kubernetes Executors Expose JWT Tokens in Apache Airflow
CVE-2026-27173

8.7 HIGH

Key Information:

Vendor: Apache

CVE Published: 19 May 2026

What is CVE-2026-27173?

A security vulnerability in Apache Airflow allows users with read-only access to Kubernetes Pods to read the JWT tokens associated with Kubernetes Executors, which are exposed in the Pods. Because these tokens are meant only for running tasks, a read-only user who obtains one could perform actions through the Task SDK that are normally restricted to running tasks. This may lead to unauthorized modification of task state in the Airflow database, posing significant risks to data integrity and application security.

Affected Version(s)

Apache Airflow CNCF Kubernetes provider, all versions before 10.17.0 (0 < 10.17.0)

CVSS V3.1

  • Score: 8.7
  • Severity: HIGH
  • Confidentiality: High
  • Integrity: High
  • Availability: High
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Changed

Timeline

  • Vulnerability published
  • Vulnerability reserved

Credit

  • Nikolai Dvoinishnikov, Welltory
  • Anton Kuznetsov, Welltory
  • Anish Giri