CVE-2025-65995

6.5 MEDIUM

📋 TL;DR

This vulnerability in Apache Airflow lets authenticated users who hold DAG read permission see the full keyword arguments of an operator, including any secrets passed in them, when the DAG fails to parse and Airflow shows the resulting import error in the UI. It only matters in deployments where sensitive values are written directly into operator kwargs in DAG source rather than resolved at run time.

💻 Affected Systems

Products:
  • Apache Airflow
Versions: 2.x before 2.11.1; 3.x before 3.1.4
Operating Systems: All operating systems running Airflow
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects deployments where sensitive values are passed directly to operator kwargs. Using Airflow's built-in connections/variables for secrets reduces exposure.

📦 What is this software?

Apache Airflow is an open-source platform for authoring, scheduling and monitoring workflows written as Python DAG files. Operators are instantiated inside those files, so anything passed to them as a keyword argument sits in source that the scheduler (2.x) or the dag-processor (3.x) parses repeatedly; a parse failure is reported back to the UI as an import error.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Exposure of API keys, database credentials and other secrets hardcoded in DAG operator kwargs to any authenticated user who can read the affected DAG, enabling a pivot into the databases, APIs and cloud accounts those secrets protect.

🟠

Likely Case

Accidental exposure of some sensitive configuration values to authorized users who shouldn't have access to those specific secrets.

🟢

If Mitigated

Minimal impact if proper secret management practices are followed (using Airflow connections/variables instead of hardcoded values).

🌐 Internet-Facing: MEDIUM - If Airflow UI is internet-accessible, authenticated users could access exposed secrets.
🏢 Internal Only: MEDIUM - Internal authenticated users with DAG view permissions could access sensitive data they shouldn't see.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW - Requires authenticated access and a DAG that fails to parse. A user with only DAG read permission cannot normally write DAG files, so in practice they read import errors that already exist (or that a DAG author introduces) rather than causing the failure themselves.

Exploitation requires: 1) Authenticated user with DAG view permissions, 2) DAG that fails during parsing, 3) Sensitive values in operator kwargs.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Airflow 2.11.1 or 3.1.4

Vendor Advisory: https://lists.apache.org/thread/1qzlrjo2wmlzs0rrgzgslj2pzkor0dr2

Restart Required: Yes

Instructions:

1. Back up the Airflow metadata database and deployment configuration.
2. Upgrade to Airflow 2.11.1 (2.x series) or 3.1.4 (3.x series).
3. Restart all Airflow components: webserver, scheduler, triggerer and workers on 2.x; api-server, scheduler, dag-processor, triggerer and workers on 3.x.
4. Confirm with `airflow version`, then check that an existing import error no longer shows operator kwargs in the UI.

🔧 Temporary Workarounds

Reduce DAG import error detail

all

Trim the traceback Airflow attaches to DAG import errors

`expose_config` is the wrong knob: it only controls whether the Admin > Configuration page renders airflow.cfg and has no effect on import errors. The settings that govern import error detail are `[core] dagbag_import_error_tracebacks` (set to `False`, or `AIRFLOW__CORE__DAGBAG_IMPORT_ERROR_TRACEBACKS=False`) and `[core] dagbag_import_error_traceback_depth`. They shorten or remove the traceback but do not strip values embedded in the exception message itself, so treat this as partial mitigation, not a fix.

Restrict DAG view permissions

all

Limit which users can view DAGs and their error details

Use per-DAG permissions (the `DAG:<dag_id>` resources) rather than blanket read on all DAGs for low-trust roles, so a user only sees import errors for DAGs they own. Users who can read a DAG will still see its import error.

🧯 If You Can't Patch

  • Move every sensitive value out of operator kwargs: pass a `conn_id` and let the hook resolve the credential at run time, or reference it through Jinja (`{{ conn.<id>.password }}`, `{{ var.value.<name> }}`) so the plaintext never sits in the DAG file. A secrets backend (Vault, AWS Secrets Manager, etc.) plugs into the same Connections/Variables interface.
  • Restrict network access to the Airflow UI/API to the users who need it. This reduces exposure but does nothing against an authorized user who already holds DAG read permission.

🔍 How to Verify

Check if Vulnerable:

Check the Airflow version: 2.x below 2.11.1 or 3.x below 3.1.4 is vulnerable. Then check whether you are actually exposed: grep the DAGs folder for operator kwargs whose value is a literal secret (password=, token=, api_key= and similar). If every secret is resolved through a connection, variable or Jinja template, a parse failure has nothing sensitive to echo.
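The exposure check above can be automated with a static scan of the DAGs folder. The following is an added example, not code from Airflow or from this advisory: it parses DAG files with the standard-library `ast` module (so it runs without Airflow installed and without importing the DAG) and flags keyword arguments whose name looks secret-bearing and whose value is a plain string literal. The name list in `SECRET_KWARG_RE`, the sample DAG and the operator name `MyOperator` are assumptions for illustration. Values resolved at run time (`Variable.get(...)`, `os.environ[...]`, a `conn_id`, or a Jinja template such as `{{ conn.x.password }}`) are deliberately not flagged, because a parse failure cannot echo a value that does not exist in the file.

```python
"""Find secrets passed as literal keyword arguments to operators in DAG source.

Added example (not Airflow project code). Assumption: a kwarg is
"secret-bearing" when its name matches SECRET_KWARG_RE, and it is flagged
only when its value is a non-empty string literal that is not a Jinja
template.
"""
from __future__ import annotations

import ast
import re
from pathlib import Path

SECRET_KWARG_RE = re.compile(
    r"(password|passwd|secret|token|api_?key|private_key|credential)", re.IGNORECASE
)

# Constructed sample DAG file (not a real DAG from this page or from Airflow).
SAMPLE_DAG = '''\
from airflow import DAG
from airflow.models import Variable

with DAG("demo") as dag:
    leaky = MyOperator(task_id="leaky", password="hunter2", api_key="AKIA-EXAMPLE")
    safe = MyOperator(
        task_id="safe",
        conn_id="warehouse",                       # hook resolves the secret at run time
        password="{{ conn.warehouse.password }}",  # Jinja, rendered per task instance
        api_key=Variable.get("api_key"),           # looked up at run time, not a literal
    )
'''


def _callee_name(func: ast.expr) -> str:
    """Best-effort dotted name of the called object (MyOperator, mod.MyOperator)."""
    if isinstance(func, ast.Name):
        return func.id
    if isinstance(func, ast.Attribute):
        return f"{_callee_name(func.value)}.{func.attr}"
    return type(func).__name__


def _is_literal_secret(value: ast.expr) -> bool:
    """True for a non-empty string literal that is not a Jinja template."""
    if isinstance(value, ast.Constant) and isinstance(value.value, str):
        return value.value != "" and "{{" not in value.value
    return False


def find_literal_secret_kwargs(source: str, filename: str = "<dag>") -> list[dict]:
    """Return one finding per secret-looking kwarg whose value is a string literal."""
    findings = []
    tree = ast.parse(source, filename=filename)
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call):
            continue
        for kw in node.keywords:
            if kw.arg is None:  # **mapping expansion: value not knowable statically
                continue
            if SECRET_KWARG_RE.search(kw.arg) and _is_literal_secret(kw.value):
                findings.append(
                    {
                        "file": filename,
                        "line": kw.value.lineno,
                        "callee": _callee_name(node.func),
                        "kwarg": kw.arg,
                    }
                )
    return findings


def scan_dags_folder(folder: str) -> list[dict]:
    """Scan every .py file under a DAGs folder (e.g. $AIRFLOW_HOME/dags)."""
    findings = []
    for path in sorted(Path(folder).rglob("*.py")):
        try:
            findings.extend(find_literal_secret_kwargs(path.read_text(), str(path)))
        except SyntaxError as exc:
            # A file that does not even parse is exactly the case this CVE is about;
            # report it rather than silently skipping it.
            findings.append({"file": str(path), "line": exc.lineno, "callee": None, "kwarg": "<SyntaxError>"})
    return findings


if __name__ == "__main__":
    for f in find_literal_secret_kwargs(SAMPLE_DAG, "demo.py"):
        print(f"{f['file']}:{f['line']} {f['callee']}({f['kwarg']}=<literal>)")
```

Run it against the real folder with `scan_dags_folder("/path/to/dags")`; any hit is a value that would have been echoed by a parse failure on an unpatched version and should move to a connection, variable or template regardless of patch status.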

Check Version:

airflow version

Verify Fix Applied:

After upgrade, confirm the version is 2.11.1+ (2.x) or 3.1.4+ (3.x). In a non-production environment, deploy a deliberately broken DAG that passes a dummy sensitive kwarg to an operator and confirm the import error shown in the UI no longer contains the value.

📡 Detection & Monitoring

Log Indicators:

  • DAG parsing happens in the scheduler/dag-processor, not per user, so look at the consumer side: repeated viewing of import errors (the "Broken DAG" banner on the home page, or `GET /api/v1/importErrors` on 2.x and `/api/v2/importErrors` on 3.x) by accounts that hold only DAG read roles
  • Import error text in scheduler/dag-processor logs or the metadata database that contains quoted key/value pairs with secret-looking keys

Network Indicators:

  • Bursts of requests to the import-errors endpoint or home page from one session, especially shortly after a DAG deployment that broke parsing

SIEM Query:

source="airflow" AND ("Broken DAG" OR "ImportError" OR "Traceback") AND regex "(?i)(password|secret|token|api_?key)['\"]?\s*[:=]\s*['\"]"

The bare keyword form (`"key"`, `"token"`) matches "keyword", "primary key" and similar ordinary log text; requiring a quoted value after `:` or `=` keeps the query on actual kwargs dumps.
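The same logic, applied to log lines before they reach the SIEM, as an added example that is not part of this advisory or of Airflow. The log lines are constructed for illustration and the exception wording is not quoted from Airflow; the key list in `SECRET_PAIR_RE` is an assumption. Two points it shows that the keyword query alone does not: a prose mention of "token" or an unquoted counter does not alert, and the matched value is masked so the alert itself does not re-leak the secret.

```python
"""Flag import-error text that carries a secret-looking key/value pair.

Added example (not Airflow project code). Matches `'key': 'value'` and
`key="value"` forms with a secret-bearing key name; returns the value masked.
"""
import re

SECRET_PAIR_RE = re.compile(
    r"""['"]?(?P<key>[A-Za-z_]*(?:password|passwd|secret|token|api_?key|private_key)[A-Za-z_]*)['"]?"""
    r"""\s*[:=]\s*(?P<q>['"])(?P<val>[^'"]*)(?P=q)""",
    re.IGNORECASE,
)

# Constructed sample lines; the second imitates an import error that dumps
# operator kwargs (illustrative wording, not quoted from Airflow).
SAMPLE_LOG = [
    "[2025-11-20 10:01:02] {processor.py:123} ERROR - Failed to import: /opt/airflow/dags/etl.py",
    "AirflowException: Invalid arguments were passed to MyOperator (task_id: leaky): "
    "{'db_password': 'hunter2', 'region': 'eu-west-1'}",
    "INFO - Searching DAG folder for keyword 'token' in filenames",  # prose, no value: no alert
    "INFO - retry_token_bucket: 5",                                  # unquoted number: no alert
]


def mask(value: str) -> str:
    """Keep two leading characters so an analyst can correlate without the full secret."""
    return value[:2] + "*" * max(len(value) - 2, 0)


def find_secret_pairs(line: str) -> list:
    """All secret-looking key/value pairs in one line, values masked."""
    return [
        {"key": m.group("key"), "value": mask(m.group("val"))}
        for m in SECRET_PAIR_RE.finditer(line)
    ]


def scan_lines(lines) -> list:
    """Scan an iterable of log lines; each hit records the 1-based line number."""
    hits = []
    for lineno, line in enumerate(lines, start=1):
        for pair in find_secret_pairs(line):
            hits.append({"line": lineno, **pair})
    return hits


if __name__ == "__main__":
    for hit in scan_lines(SAMPLE_LOG):
        print(f"line {hit['line']}: {hit['key']} = {hit['value']}")
```

Feed it the scheduler or dag-processor log stream (or the stored import error messages) and alert on any hit; the masked value is safe to include in the ticket.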
