Developers have closed security vulnerabilities in Apache Airflow CNCF Kubernetes Provider and Apache Airflow Amazon Provider

The Apache Airflow components CNCF Kubernetes Provider and Amazon Provider are vulnerable. Following successful attacks, attackers can access the database, among other things.

The vulnerabilities

According to two posts on the Seclists.org mailing list, developers have patched vulnerabilities in CNCF Kubernetes Provider 10.17.0 (CVE-2026-27173 [1] "high") and Amazon Provider 9.28.0 (CVE-2026-42526 [2] "medium"). In the first case, JWT tokens are flawed, allowing users with read access to manipulate the Airflow database. In the second case, unauthorized access to secrets of other teams is possible.

So far, software developers have issued no warning of active attacks. Most recently, vulnerabilities in Apache Airflow and Airflow Keycloak were disclosed in April [3]; attackers could have fully compromised vulnerable systems.

(des [5])

URL of this article: https://www.heise.de/-11303487

Links in this article:
[1] https://seclists.org/oss-sec/2026/q2/607
[2] https://seclists.org/oss-sec/2026/q2/608
[3] https://www.heise.de/news/Schadcode-Schlupfloecher-bedrohen-Apache-Airflow-und-Airflow-Keycloak-11268021.html
[4] https://pro.heise.de/security/?LPID=39555_HS1L0001_27416_999_0&wt_mc=disp.fd.security-pro.security_pro24.disp.disp.disp
[5] mailto:des@heise.de

Copyright © 2026 Heise Medien
heise security News